Significant Vulnerability Found In Macromedia JRun 3.1
Macromedia's JRun Java 2 Enterprise Edition app server has a flaw that hackers could exploit.
Computer-security vendor Next Generation Security Software Ltd. says it has found a buffer-overflow flaw in Macromedia Inc.'s JRun Java 2 Enterprise Edition app server that could let hackers gain complete control of a system.
According to the alert, systems with JRun 3.1 installed on Microsoft's Internet Information Services 4 and 5 on Windows NT 4 and 2000 are vulnerable to this flaw, which can be exploited remotely.
The flaw is made possible when an Internet Services application programming interface file is created during the installation of JRun 3.1. A related flaw enabled the Code Red virus to infect hundreds of thousands of systems worldwide last summer.
Macromedia's recently released JRun version 4 shouldn't be affected by the security glitch, Next Generation says. It's urging companies to upgrade to that version. A patch can be found at http://www.macromedia.com/v1/handlers/index.cfm?ID=22994
The Business of Going DigitalDigital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Join InformationWeek’s Lorna Garey and Mike Healey, president of Yeoman Technology Group, an engineering and research firm focused on maximizing technology investments, to discuss the right way to go digital.