News
News
5/29/2002
02:37 PM
50%
50%

Significant Vulnerability Found In Macromedia JRun 3.1

Macromedia's JRun Java 2 Enterprise Edition app server has a flaw that hackers could exploit.

Computer-security vendor Next Generation Security Software Ltd. says it has found a buffer-overflow flaw in Macromedia Inc.'s JRun Java 2 Enterprise Edition app server that could let hackers gain complete control of a system.

According to the alert, systems with JRun 3.1 installed on Microsoft's Internet Information Services 4 and 5 on Windows NT 4 and 2000 are vulnerable to this flaw, which can be exploited remotely.

The flaw is made possible when an Internet Services application programming interface file is created during the installation of JRun 3.1. A related flaw enabled the Code Red virus to infect hundreds of thousands of systems worldwide last summer.

Macromedia's recently released JRun version 4 shouldn't be affected by the security glitch, Next Generation says. It's urging companies to upgrade to that version. A patch can be found at http://www.macromedia.com/v1/handlers/index.cfm?ID=22994

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Nov. 10, 2014
Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.