Info

Disclosure

Sep 29, 2004

Discovery

Unknown

Dates

Exploit

Dec 10, 2005

Solution

Sep 29, 2004

Description

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Commercial
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Macromedia has released a patch to address this vulnerability.

Products

Unknown or Incomplete

References

Bugtraq ID: 11245
Secunia Advisory ID: 12647 13518
ISS X-Force ID: 17485
CVE ID: 2004-0646 (see also: NVD)
CERT VU: 990200
Other Advisory URL: http://www.hitachi-support.com/security_e/vuls_e/HS04-008_e/01-e.html
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=145&type=vulnerabilities
http://www.securiteam.com/securitynews/6Z00515BFM.html
Vendor Specific Advisory URL: http://www.macromedia.com/devnet/security/security_zone/mpsb04-08.html
http://www.macromedia.com/devnet/security/security_zone/mpsb04-09.html
Vendor URL: http://www.macromedia.com/software/jrun/
Generic Exploit URL: http://www.saintcorporation.com/cgi-bin/exploit_info/jrun_writetolog_bo
Mail List Post: http://www.securityfocus.com/archive/1/377194

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/10546