Patch: Macromedia JRun version 3.0

The SANS Institute has warned the IIS ISAPI application shipped with Macromedia JRun versions 3.0 and 3.1 contains a buffer overflow in the handling of large HTTP Host headers, letting a remote attacker execute arbitrary code on the system.

Macromedia has confirmed the vulnerability, and has released a patch: http://download.allaire.com/publicdl/en/jrun/31/jrun-31-win-upgrade-us_26414.exe

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about AllaireMacromediaSANS InstituteThe SANS Institute

Show Comments