Lucene search
MitreCVE-2001-1513HistoryJul 14, 2005 - 4:00 a.m.
CVE-2001-1513
2005-07-1404:00:00
mitre
web.nvd.nist.gov
23
cve-2001-1513
macromedia jrun 3.0
macromedia jrun 3.1
session hijacking
remote attack
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.01
Percentile
83.4%
Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing ‘/’ (slash), as demonstrated using ctx.
Affected configurations
Node
macromediajrunMatch3.0
ORmacromediajrunMatch3.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| macromedia | jrun | 3.0 | cpe:2.3:a:macromedia:jrun:3.0:*:*:*:*:*:*:* |
| macromedia | jrun | 3.1 | cpe:2.3:a:macromedia:jrun:3.1:*:*:*:*:*:*:* |
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.01
Percentile
83.4%
Related for CVE-2001-1513