6 matches found
EUVD-2002-1294
Malware in sbrugna...
Macromedia JRun 4.0 build 61650 Administrative Interface Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/9112/info A number of cross-site scripting vulnerabilities have been reported for Macromedia Jrun, specifically in the administrative interface. The problem is said to occur due to insufficient sanitization of URI...
CVE-2004-2182
CVE-2004-2182 (Macromedia JRun 4.0) describes a session fixation vulnerability where remote attackers can hijack user sessions by pre-setting the session ID information used by the session server. Public sources in the provided documents consistently identify JRun 4.0 as affected and cite the vul...
CVE-2004-2182
Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server...
CVE-2002-1310
The CVE-2002-1310 entry affects the IIS ISAPI handler for Macromedia JRun 4.0 and earlier, where a heap-based buffer overflow in the error-handling path can be triggered by an HTTP GET with a long .jsp filename. This leads to potential remote arbitrary-code execution. The vulnerability is tied to...
CVE-2002-1310
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4.0 and earlier allows remote attackers to execute arbitrary via an HTTP GET request with a long .jsp file name...