Adobe JRun 4.0

CPE Details

Adobe JRun 4.0
adobe
jrun
4.0
2007-08-23
19h16 +00:00
2009-03-05
16h16 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:adobe:jrun:4.0:*:*:*:*:*:*:*

Informations

Vendor

adobe

Product

jrun

Version

4.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2009-1873 2009-08-18 20h00 +00:00 Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun Application Server 4 Updater 7 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the logfile parameter.
4
CVE-2009-1874 2009-08-18 20h00 +00:00 Multiple cross-site scripting (XSS) vulnerabilities in the Management Console in Adobe JRun 4.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
4.3
CVE-2006-5860 2007-02-14 01h00 +00:00 Cross-site scripting (XSS) vulnerability in the administrator console for Adobe JRun 4.0, as used in ColdFusion, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
4.3
CVE-2006-5858 2007-01-10 01h00 +00:00 Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft IIS, allows remote attackers to read arbitrary files, list directories, or read source code via a double URL-encoded NULL byte in a ColdFusion filename, such as a CFM file.
5