Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
macromedia jrun 4.0 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2004-0646
Buffer overflow in the WriteToLog function for JRun 3.0 up to and including 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote malicious users to execute arbitrary code via a long HTTP header Content-Type fie...
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
Macromedia Jrun 4.0
Macromedia Jrun 3.0
Macromedia Jrun 3.1
10
CVSSv2
CVE-2002-0665
Macromedia JRun Administration Server allows remote malicious users to bypass authentication on the login form via an extra slash (/) in the URL.
Macromedia Jrun 4.0
Macromedia Jrun 3.0
Macromedia Jrun 3.1
1 EDB exploit
7.5
CVSSv2
CVE-2005-4472
Stack-based buffer overflow in the Macromedia JRun 4 web server (JWS) allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a long request that is not properly handled during conversion to wide characters.
Macromedia Jrun 4.0
Macromedia Jrun 4.0 Build 61650
7.5
CVSSv2
CVE-2004-2182
Session fixation vulnerability in Macromedia JRun 4.0 allows remote malicious users to hijack user sessions by pre-setting the user session ID information used by the session server.
Macromedia Jrun 4.0
Macromedia Jrun 4.0 Build 61650
7.5
CVSSv2
CVE-2004-1478
JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Hitachi Cosminexus Enterprise 01 02 2
Hitachi Cosminexus Server Web 01-01 1
Macromedia Jrun 4.0
Hitachi Cosminexus Server Web 01-01 2
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
Hitachi Cosminexus Enterprise 01 01 1
Macromedia Jrun 3.0
Macromedia Jrun 3.1
7.5
CVSSv2
CVE-2002-1310
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4.0 and previous versions allows remote malicious users to execute arbitrary via an HTTP GET request with a long .jsp file name.
Macromedia Jrun
5
CVSSv2
CVE-2005-4473
Unspecified vulnerability in Macromedia JRun 4 web server (JWS) allows remote malicious users to view web application source code via "a malformed URL."
Macromedia Jrun 4.0
Macromedia Jrun 4.0 Build 61650
5
CVSSv2
CVE-2004-0928
The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote malicious users to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm".
Hitachi Cosminexus Enterprise 01 02 2
Macromedia Jrun 4.0
Hitachi Cosminexus Enterprise 01 01 1
Macromedia Jrun 3.0
Macromedia Jrun 3.1
Hitachi Cosminexus Server Web 01-01 1
Hitachi Cosminexus Server Web 01-01 2
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
5
CVSSv2
CVE-2004-1815
Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote malicious users to cause a denial of service (memory consumption).
Sun One Application Server 7.0
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
Macromedia Jrun 4.0
Macromedia Jrun 4.0 Build 61650
5
CVSSv2
CVE-2002-2186
Macromedia JRun 3.0, 3.1, and 4.0 allow remote malicious users to view the source code of .JSP files via Unicode encoded character values in a URL.
Macromedia Jrun 3.0
Macromedia Jrun 3.1
Macromedia Jrun 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »