Macromedia.JRun.Server.File.Disclosure
Description
This indicates a possible attempt to exploit a file disclosure vulnerability in Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE. The vulnerability allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files.
Affected Products
The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE.
Impact
Source code disclosure.
Recommended Actions
Apply patches.
JRun 3.0 / 3.1:
See the original vendor advisory
JRun 4.0:
http://www.macromedia.com/support/jrun/updaters.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |