Vulnerabilities > CVE-2000-1053 - Unspecified vulnerability in Macromedia Jrun 2.3.X

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
macromedia
critical
exploit available
NVD
Published: 2000-12-11
Updated: 2017-12-19

Summary

Allaire JRun 2.3.3 server allows remote attackers to compile and execute JSP code by inserting it via a cross-site scripting (CSS) attack and directly calling the com.livesoftware.jrun.plugins.JSP JSP servlet.

Vulnerable Configurations

Part Description Count
Application
Macromedia
1

Exploit-Db

descriptionAllaire JRun 2.3 Arbitrary Code Execution Vulnerability. CVE-2000-1053. Remote exploits for multiple platform
idEDB-ID:20314
last seen2016-02-02
modified2000-10-23
published2000-10-23
reporterFoundstone Labs
sourcehttps://www.exploit-db.com/download/20314/
titleAllaire JRun 2.3 - Arbitrary Code Execution Vulnerability

References