|
|
CVE Reference: CVE-2004-0646 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-0646 |
|
|
Description: Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote attackers to execute arbitrary code via a long HTTP header Content-Type field or other fields. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/17485 SAID Secunia Advisory: SA12647 CONFIRM http://www.macromedia.com/devnet/security/security_zone/mpsb04-09.html http://www.macromedia.com/devnet/security/security_zone/mpsb04-08.html CERT-VN 990200 BUGTRAQ http://www.securityfocus.com/archive/1/377194 BID 11245 |
|
| Return to the previous page. |
