Vulnerabilities > Macromedia > Jrun > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-23 | CVE-2004-0646 | Remote vulnerability in Macromedia Coldfusion and Jrun Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote attackers to execute arbitrary code via a long HTTP header Content-Type field or other fields. | 10.0 |
| 2002-08-12 | CVE-2002-0801 | Buffer Overflow vulnerability in Macromedia JRun Host Header Field Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file. | 10.0 |
| 2002-07-11 | CVE-2002-0665 | Authentication Bypass vulnerability in Macromedia Jrun 3.0/3.1/4.0 Macromedia JRun Administration Server allows remote attackers to bypass authentication on the login form via an extra slash (/) in the URL. | 10.0 |
| 2000-12-11 | CVE-2000-1053 | Unspecified vulnerability in Macromedia Jrun 2.3.X Allaire JRun 2.3.3 server allows remote attackers to compile and execute JSP code by inserting it via a cross-site scripting (CSS) attack and directly calling the com.livesoftware.jrun.plugins.JSP JSP servlet. | 10.0 |