Macromedia: >> Jrun >> 2.3 Security Vulnerabilities
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4.0 and earlier allows remote attackers to execute arbitrary via an HTTP GET request with a long .jsp file name.
CVSS Score
7.5
EPSS Score
0.076
Published
2002-11-29
Servlet examples in Allaire JRun 2.3.x allow remote attackers to obtain sensitive information, e.g. listing HttpSession ID's via the SessionServlet servlet.
CVSS Score
6.4
EPSS Score
0.005
Published
2000-06-22
JSP sample files in Allaire JRun 2.3.x allow remote attackers to access arbitrary files (e.g. via viewsource.jsp) or obtain configuration information.
CVSS Score
5.0
EPSS Score
0.006
Published
2000-06-22