Patch: Macromedia JRun version 3.0

The SANS Institute has warned the IIS ISAPI application shipped with Macromedia JRun versions 3.0 and 3.1 contains a buffer overflow in the handling of large HTTP Host headers, letting a remote attacker execute arbitrary code on the system.

Macromedia has confirmed the vulnerability, and has released a patch:

Join the newsletter!

Error: Please check your email address.

More about AllaireMacromediaSANS InstituteThe SANS Institute

Show Comments