Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
macromedia jrun 3.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1477
Cross-site scripting (XSS) vulnerability in the Management Console in JRun 4.0 allows remote malicious users to execute arbitrary web script or HTML and possibly hijack a user's session.
Macromedia Jrun 3.1
Macromedia Jrun 3.0
Macromedia Jrun 4.0
NA
CVE-2004-1478
JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Hitachi Cosminexus Enterprise 01 01 1
Hitachi Cosminexus Enterprise 01 02 2
Macromedia Jrun 3.1
Macromedia Jrun 3.0
Macromedia Coldfusion 6.1
Macromedia Coldfusion 6.0
Hitachi Cosminexus Server Web 01-01 2
Hitachi Cosminexus Server Web 01-01 1
Macromedia Jrun 4.0
NA
CVE-2004-0646
Buffer overflow in the WriteToLog function for JRun 3.0 up to and including 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote malicious users to execute arbitrary code via a long HTTP header Content-Type fie...
Macromedia Jrun 3.1
Macromedia Jrun 3.0
Macromedia Coldfusion 6.1
Macromedia Coldfusion 6.0
Macromedia Jrun 4.0
NA
CVE-2004-0928
The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote malicious users to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm".
Hitachi Cosminexus Enterprise 01 01 1
Hitachi Cosminexus Enterprise 01 02 2
Macromedia Jrun 3.1
Macromedia Jrun 3.0
Macromedia Coldfusion 6.1
Macromedia Coldfusion 6.0
Hitachi Cosminexus Server Web 01-01 2
Hitachi Cosminexus Server Web 01-01 1
Macromedia Jrun 4.0
NA
CVE-2002-1855
Macromedia JRun 3.0 up to and including 4.0, when running on Windows, allows remote malicious users to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF...
Macromedia Jrun 3.1
Macromedia Jrun 3.0
Macromedia Jrun 4.0
NA
CVE-2002-2186
Macromedia JRun 3.0, 3.1, and 4.0 allow remote malicious users to view the source code of .JSP files via Unicode encoded character values in a URL.
Macromedia Jrun 3.1
Macromedia Jrun 3.0
Macromedia Jrun 4.0
NA
CVE-2002-2187
Unknown "file disclosure" vulnerability in Macromedia JRun 3.0, 3.1, and 4.0, related to a log file or jrun.ini, with unknown impact.
Macromedia Jrun 3.1
Macromedia Jrun 3.0
Macromedia Jrun 4.0
NA
CVE-2002-0937
The Java Server Pages (JSP) engine in JRun allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null).
Macromedia Jrun 3.1
Macromedia Jrun 3.0
Macromedia Jrun 4.0
1 EDB exploit
NA
CVE-2002-1025
JRun 3.0 up to and including 4.0 allows remote malicious users to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.
Macromedia Jrun 3.1
Macromedia Jrun 3.0
Macromedia Jrun 4.0
NA
CVE-2002-0801
Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote malicious users to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file.
Macromedia Jrun 3.1
Macromedia Jrun 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »