Macromedia : Security Vulnerabilities, CVEs, Published In 2000
Allaire JRun 2.3.3 server allows remote attackers to compile and execute JSP code by inserting it via a cross-site scripting (CSS) attack and directly calling the com.livesoftware.jrun.plugins.JSP JSP servlet.
Max CVSS
10.0
EPSS Score
2.82%
Published
2000-12-11
Updated
2017-12-19
Allaire JRun 2.3 server allows remote attackers to obtain source code for executable content by directly calling the SSIFilter servlet.
Max CVSS
5.0
EPSS Score
0.70%
Published
2000-12-11
Updated
2016-10-18
Directory traversal vulnerability in Allaire JRun 2.3 server allows remote attackers to read arbitrary files via the SSIFilter servlet.
Max CVSS
5.0
EPSS Score
0.36%
Published
2000-12-11
Updated
2017-10-10
Allaire JRun 3.0 http servlet server allows remote attackers to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash").
Max CVSS
5.0
EPSS Score
1.49%
Published
2000-12-11
Updated
2017-10-10
Allaire JRun 3.0 http servlet server allows remote attackers to cause a denial of service via a URL that contains a long string of "." characters.
Max CVSS
5.0
EPSS Score
0.99%
Published
2000-12-11
Updated
2017-10-10
JSP sample files in Allaire JRun 2.3.x allow remote attackers to access arbitrary files (e.g. via viewsource.jsp) or obtain configuration information.
Max CVSS
5.0
EPSS Score
0.49%
Published
2000-06-22
Updated
2017-10-10
Servlet examples in Allaire JRun 2.3.x allow remote attackers to obtain sensitive information, e.g. listing HttpSession ID's via the SessionServlet servlet.
Max CVSS
6.4
EPSS Score
0.38%
Published
2000-06-22
Updated
2017-10-10
7 vulnerabilities found