Macromedia: >> Jrun >> 3.0 Security Vulnerabilities
Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file.
CVSS Score
10.0
EPSS Score
0.396
Published
2002-08-12
Macromedia JRun Administration Server allows remote attackers to bypass authentication on the login form via an extra slash (/) in the URL.
CVSS Score
10.0
EPSS Score
0.057
Published
2002-07-11
Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL.
CVSS Score
5.0
EPSS Score
0.034
Published
2001-12-31
JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows remote attackers to read arbitrary JavaServer Pages (JSP) source code via a request URL containing the source filename ending in (1) "jsp%00" or (2) "js%2570".
CVSS Score
5.0
EPSS Score
0.006
Published
2001-12-31
Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing '/' (slash), as demonstrated using ctx.
CVSS Score
7.5
EPSS Score
0.059
Published
2001-12-31
Directory traversal vulnerability in Macromedia JRun Web Server (JWS) 2.3.3, 3.0 and 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request.
CVSS Score
5.0
EPSS Score
0.004
Published
2001-12-31
Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a.k.a. rewriting) when client browsers have cookies enabled, which allows remote attackers to obtain session IDs and hijack sessions via HTTP referrer fields or sniffing.
CVSS Score
5.0
EPSS Score
0.004
Published
2001-12-31
SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers to obtain source code for Java server pages (.jsp) and other files in the web root via an HTTP request for a non-existent SSI page, in which the request's body has an #include statement.
CVSS Score
5.0
EPSS Score
0.021
Published
2001-11-28
Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message.
CVSS Score
7.5
EPSS Score
0.003
Published
2001-07-02
Allaire JRun 3.0 allows remote attackers to list contents of the WEB-INF directory, and the web.xml file in the WEB-INF directory, via a malformed URL that contains a "."
CVSS Score
5.0
EPSS Score
0.03
Published
2001-05-03