CVE-2000-0539

5 documents4 sources
Severity
6.4MEDIUM
EPSS
0.5%
top 32.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Macromedia Jrun
Timeline
PublishedJun 22
Latest updateApr 30

Description

Servlet examples in Allaire JRun 2.3.x allow remote attackers to obtain sensitive information, e.g. listing HttpSession ID's via the SessionServlet servlet.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

Patches

Patch: www.allaire.comPatch: www.securityfocus.comPatch: www.allaire.com

🔴Vulnerability Details

2
GHSA
GHSA-wwgv-vf3h-hmgf: Servlet examples in Allaire JRun 22022-04-30
CVEList
CVE-2000-0539: Servlet examples in Allaire JRun 22000-10-13

💥Exploits & PoCs

2
Exploit-DB
Microsoft Edge Chakra - 'InitClass' Type Confusion2019-01-18
Exploit-DB
Demarc PureSecure 1.0.5 - Authentication Check SQL Injection2002-04-15
CVE-2000-0539 (MEDIUM CVSS 6.4) | Servlet examples in Allaire JRun 2. | cvebase.io