Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0937

4 documents4 sources
Severity
5.0MEDIUM
EPSS
1.4%
top 19.78%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Macromedia Jrun
Timeline
PublishedOct 4
Latest updateApr 30

Description

The Java Server Pages (JSP) engine in JRun allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null).

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDmacromedia/jrun3.0, 3.1, 4.0+2

🔴Vulnerability Details

2
GHSA
GHSA-xjwg-xw76-crgq: The Java Server Pages (JSP) engine in JRun allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that ca2022-04-30
CVEList
CVE-2002-0937: The Java Server Pages (JSP) engine in JRun allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that ca2002-08-31

💥Exploits & PoCs

1
Exploit-DB
Macromedia JRun 3/4 JSP Engine - Denial of Service2002-06-12
CVE-2002-0937 (MEDIUM CVSS 5) | The Java Server Pages (JSP) engine | cvebase.io