Vulnerabilities > CVE-2000-1053 - Unspecified vulnerability in Macromedia Jrun 2.3.X

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
macromedia
critical
exploit available

Summary

Allaire JRun 2.3.3 server allows remote attackers to compile and execute JSP code by inserting it via a cross-site scripting (CSS) attack and directly calling the com.livesoftware.jrun.plugins.JSP JSP servlet.

Vulnerable Configurations

Part Description Count
Application
Macromedia
1

Exploit-Db

descriptionAllaire JRun 2.3 Arbitrary Code Execution Vulnerability. CVE-2000-1053. Remote exploits for multiple platform
idEDB-ID:20314
last seen2016-02-02
modified2000-10-23
published2000-10-23
reporterFoundstone Labs
sourcehttps://www.exploit-db.com/download/20314/
titleAllaire JRun 2.3 - Arbitrary Code Execution Vulnerability