News
News
5/29/2002
02:37 PM
50%
50%

Significant Vulnerability Found In Macromedia JRun 3.1

Macromedia's JRun Java 2 Enterprise Edition app server has a flaw that hackers could exploit.

Computer-security vendor Next Generation Security Software Ltd. says it has found a buffer-overflow flaw in Macromedia Inc.'s JRun Java 2 Enterprise Edition app server that could let hackers gain complete control of a system.

According to the alert, systems with JRun 3.1 installed on Microsoft's Internet Information Services 4 and 5 on Windows NT 4 and 2000 are vulnerable to this flaw, which can be exploited remotely.

The flaw is made possible when an Internet Services application programming interface file is created during the installation of JRun 3.1. A related flaw enabled the Code Red virus to infect hundreds of thousands of systems worldwide last summer.

Macromedia's recently released JRun version 4 shouldn't be affected by the security glitch, Next Generation says. It's urging companies to upgrade to that version. A patch can be found at http://www.macromedia.com/v1/handlers/index.cfm?ID=22994

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of January 18, 2015.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.