Vulnerabilities > CVE-2002-1310 - Buffer Overrun vulnerability in Macromedia JRun IIS ISAPI Filter GET Request
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4.0 and earlier allows remote attackers to execute arbitrary via an HTTP GET request with a long .jsp file name.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 9 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-11/0149.html
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0080.html
- http://marc.info/?l=bugtraq&r=1&b=200211&w=2
- http://www.eeye.com/html/Research/Advisories/AD20021112.html
- http://www.securityfocus.com/bid/6122
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10568