Significant Vulnerability Found In Macromedia JRun 3.1

Macromedia's JRun Java 2 Enterprise Edition app server has a flaw that hackers could exploit.



Computer-security vendor Next Generation Security Software Ltd. says it has found a buffer-overflow flaw in Macromedia Inc.'s JRun Java 2 Enterprise Edition app server that could let hackers gain complete control of a system.

According to the alert, systems with JRun 3.1 installed on Microsoft's Internet Information Services 4 and 5 on Windows NT 4 and 2000 are vulnerable to this flaw, which can be exploited remotely.

The flaw is made possible when an Internet Services application programming interface file is created during the installation of JRun 3.1. A related flaw enabled the Code Red virus to infect hundreds of thousands of systems worldwide last summer.

Macromedia's recently released JRun version 4 shouldn't be affected by the security glitch, Next Generation says. It's urging companies to upgrade to that version. A patch can be found at http://www.macromedia.com/v1/handlers/index.cfm?ID=22994

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Copyright © 2020 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service