Jrun Security Vulnerabilities and Issues — Jrun CVE List

Lucene search

AdobeJrun

3 matches found

CVE•added 2007/02/14 2:28 a.m.•48 views

CVE-2006-5860

Cross-site scripting (XSS) vulnerability in the administrator console for Adobe JRun 4.0, as used in ColdFusion, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

4.3CVSS5.6AI score0.02328EPSS

CVE•added 2007/01/10 2:0 a.m.•47 views

CVE-2006-5858

Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft IIS, allows remote attackers to read arbitrary files, list directories, or read source code via a double URL-encoded NULL byte in a ColdFusion filename, such as a CFM file.

5CVSS6.7AI score0.07899EPSS

CVE•added 2007/03/16 8:19 p.m.•42 views

CVE-2007-1278

Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 Updater 6, and ColdFusion MX 6.1 and 7.0 Enterprise, when using Microsoft IIS 6, allows remote attackers to cause a denial of service via unspecified vectors, involving the request of a file in the JRun web root.

4.3CVSS6.6AI score0.04573EPSS