Patch: Macromedia JRun version 3.0

The SANS Institute has warned the IIS ISAPI application shipped with Macromedia JRun versions 3.0 and 3.1 contains a buffer overflow in the handling of large HTTP Host headers, letting a remote attacker execute arbitrary code on the system.

Macromedia has confirmed the vulnerability, and has released a patch: http://download.allaire.com/publicdl/en/jrun/31/jrun-31-win-upgrade-us_26414.exe

Join the newsletter!

Error: Please check your email address.

More about AllaireMacromediaSANS InstituteThe SANS Institute

Show Comments

Market Place