CVSS2
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile: 96.1%
A remotely exploitable buffer overflow exists in Macromedia’s JRun version 3.1 on Win32 platforms.
JRun is an application server that works with most popular web servers such as Apache and IIS. Macromedia states that JRun is deployed at over 10,000 organizations worldwide.
As reported in the Next Generation Security Software Advisory (#NISR29052002), a remotely exploitable buffer overflow exists in the ISAPI filter/application. Specifically, the overflow is in the code that handles the Host header field. If an attacker sends a specially crafted request to the application server, he can overwrite a return address on the stack. Because the vulnerable DLL runs in the address space of the web server process (at least on IIS 4 and 5), code submitted by the attacker will run with SYSTEM privileges.
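The defensive counterpart to the flaw described above, as an added illustration that is not code from the advisory, NGSSoftware or Macromedia: a Host header copy that checks the value's length against the destination buffer and rejects the request instead of writing past it. The function name, return codes and the 264-byte cap are assumptions of this example, and the sample request is constructed.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HOST_BUF 264 /* assumed cap: 253-char DNS name + ":65535" + NUL + slack */

/* Case-insensitive check that the header line at p (n bytes) starts with "host:". */
static int is_host_line(const char *p, size_t n) {
    static const char name[] = "host:";
    if (n < 5) return 0;
    for (size_t i = 0; i < 5; i++)
        if (tolower((unsigned char)p[i]) != name[i]) return 0;
    return 1;
}

/* Copy the Host value from a raw request into out (out_cap bytes).
 * Returns 0 on success, -1 if there is no Host header, -2 if the value
 * does not fit. The unsafe pattern this replaces is an unbounded
 * strcpy()/sprintf() of the header value into a fixed-size stack buffer. */
int copy_host_header(const char *req, size_t req_len, char *out, size_t out_cap) {
    size_t pos = 0;
    while (pos < req_len) {
        const char *line = req + pos;
        const char *nl = memchr(line, '\n', req_len - pos);
        size_t len = nl ? (size_t)(nl - line) : req_len - pos;
        pos += len + 1;
        if (len > 0 && line[len - 1] == '\r') len--;
        if (len == 0) break;                 /* blank line: end of headers */
        if (!is_host_line(line, len)) continue;
        const char *v = line + 5;
        size_t vlen = len - 5;
        while (vlen > 0 && (*v == ' ' || *v == '\t')) { v++; vlen--; }
        if (vlen >= out_cap) return -2;      /* reject; never truncate or overflow */
        memcpy(out, v, vlen);
        out[vlen] = '\0';
        return 0;
    }
    return -1;
}

int main(void) {
    const char req[] = "GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"; /* constructed */
    char host[HOST_BUF];
    int rc = copy_host_header(req, sizeof req - 1, host, sizeof host);
    printf("rc=%d host=%s\n", rc, rc == 0 ? host : "(rejected)");
    return 0;
}
```

A caller would answer a -2 result with an HTTP 400 and log the request length, which also gives operations staff a signal that oversized Host values are arriving.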
A remote attacker can execute arbitrary code on the vulnerable target with SYSTEM privileges.
Apply the patch from Macromedia Inc. or upgrade to JRun 4.
None.
703835
Notified: May 29, 2002 Updated: May 29, 2002
Affected
Macromedia has confirmed that this is a problem in older versions of JRun 3.0 and 3.1 and is soon to publish a security bulletin regarding this. Visit the Macromedia security zone site at http://www.macromedia.com/security for more information.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email (Subject: VU#703835 Feedback).
This vulnerability was discovered by David Litchfield of Next Generation Security Software.
This document was written by Ian A. Finlay.
CVE IDs: | CVE-2002-0801 |
---|---|
Severity Metric: | 54.00 |
Date Public: | |