Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 23/12/2004 Updated: 11/07/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Buffer overflow in the WriteToLog function for JRun 3.0 up to and including 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote malicious users to execute arbitrary code via a long HTTP header Content-Type field or other fields.

Vulnerable Product	Search on Vulmon	Subscribe to Product
macromedia coldfusion 6.0
macromedia coldfusion 6.1
macromedia jrun 4.0
macromedia jrun 3.0
macromedia jrun 3.1

NVD-CWE-Other http://www.macromedia.com/devnet/security/security_zone/mpsb04-08.html http://www.securityfocus.com/bid/11245 http://www.securityfocus.com/archive/1/377194 http://www.macromedia.com/devnet/security/security_zone/mpsb04-09.html http://www.kb.cert.org/vuls/id/990200 http://secunia.com/advisories/12647/https://exchange.xforce.ibmcloud.com/vulnerabilities/17485 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-0646

Vulnerability Summary

References

Vulmon Search

About

Products

Connect