CVE-2001-1544

Directory traversal vulnerability in Macromedia JRun Web Server JWS 2.3.3, 3.0 and 3.1 allows remote attackers to read arbitrary files via a .. dot dot in the HTTP GET request...

CVE-2001-1545

Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests a.k.a. rewriting when client browsers have cookies enabled, which allows remote attackers to obtain session IDs and hijack sessions via HTTP referrer fields or sniffing...

EUVD-2002-2165

Malware in sbrugna...

EUVD-2001-1521

Malware in sbrugna...

EUVD-2002-2166

Malware in sbrugna...

EUVD-2001-1490

Malware in sbrugna...

EUVD-2004-2174

Malware in sbrugna...

EUVD-2002-0659

Malware in sbrugna...

EUVD-2002-1294

Malware in sbrugna...

EUVD-2001-1522

Malware in sbrugna...

EUVD-2005-2307

Malware in sbrugna...

EUVD-2002-1834

Malware in sbrugna...

EUVD-2005-4468

Malware in sbrugna...

CVE-2002-2187

Unknown "file disclosure" vulnerability in Macromedia JRun 3.0, 3.1, and 4.0, related to a log file or jrun.ini, with unknown impact...

CVE-2004-2182

Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server...

CVE-2002-2186

Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the source code of .JSP files via Unicode encoded character values in a URL...

CVE-2002-1855

Macromedia JRun 3.0 through 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot "WEB-INF."...

Macromedia JRun 4.0 build 61650 Administrative Interface Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/9112/info A number of cross-site scripting vulnerabilities have been reported for Macromedia Jrun, specifically in the administrative interface. The problem is said to occur due to insufficient sanitization of URI...

Macromedia JRun 3/4 JSP Engine Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4997/info A vulnerability has been reported in Macromedia JRun for Windows that results in a denial of service condition. The vulnerability occurs when JRun encounters a malicious JSP page. The following snippet of code i...

Macromedia JRun 4 mod_jrun Buffer Overflow (CVE-2004-0646)

Macromedia JRun is an application server used to deploy J2EE Java 2 Enterprise Edition applications, JSPs Java Server Pages, and other Java applications. It can be used as a stand-alone web server or can be accessed through other web servers including Apache. Apache can communicate with the JRun...