Intrusion Prevention



This indicates a possible attempt to exploit a heap-based buffer overflow vulnerability in the IIS ISAPI handler in Macromedia ColdFusion 6.0 and Macromedia JRun 4.0.
The vulnerability may allow an attacker to execute arbitrary code on Microsoft IIS web servers running vulnerable versions of Macromedia ColdFusion or JRun. It is caused by the IIS ISAPI handler's failure to bounds-check the HTTP GET requests that are passed to it. When exploiting this vulnerability in JRun, an attacker may send specially crafted HTTP GET requests with a long .cfm file name; in ColdFusion, a long .jsp file name is sent. If the file name is larger than 4096 bytes, a buffer overrun occurs, which leads to arbitrary code execution.
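
The condition described above can be checked in web server or proxy request logs. The following Python is an added detection example, not part of the original advisory or of any vendor signature; the function names, the sample request lines and the choice to measure the file name on the raw bytes as sent are assumptions of this example.

```python
import re
from urllib.parse import unquote_to_bytes

MAX_NAME = 4096                  # size limit stated in the advisory text
EXTENSIONS = (b".cfm", b".jsp")  # extensions named in the advisory text
REQUEST_LINE = re.compile(rb"^GET\s+(\S+)\s+HTTP/\d\.\d\s*$")


def oversized_filename(request_line: bytes):
    """Return (extension, name_length) for a suspicious GET line, else None."""
    match = REQUEST_LINE.match(request_line)
    if match is None:
        return None
    path = match.group(1).split(b"?", 1)[0]      # drop the query string
    raw_name = path.rsplit(b"/", 1)[-1]          # last path segment as sent
    # Decode %XX escapes only to compare the extension, so ".%63fm" still matches.
    decoded = unquote_to_bytes(raw_name).lower()
    for ext in EXTENSIONS:
        # Assumption: length is measured on the raw bytes as sent on the wire.
        if decoded.endswith(ext) and len(raw_name) > MAX_NAME:
            return ext.decode(), len(raw_name)
    return None


def scan(request_lines):
    """Return [(line_index, extension, name_length)] for every flagged line."""
    hits = []
    for index, line in enumerate(request_lines):
        hit = oversized_filename(line)
        if hit is not None:
            hits.append((index, *hit))
    return hits


# Constructed sample request lines (not captured traffic).
SAMPLE = [
    b"GET /index.cfm HTTP/1.0",
    b"GET /app/" + b"A" * 5000 + b".jsp?x=1 HTTP/1.1",
    b"GET /" + b"A" * 5000 + b".html HTTP/1.1",
    b"GET /" + b"B" * 4092 + b".cfm HTTP/1.1",
    b"GET /" + b"B" * 4093 + b".CFM HTTP/1.1\r",
    b"POST /" + b"A" * 5000 + b".cfm HTTP/1.1",
]

if __name__ == "__main__":
    for index, ext, length in scan(SAMPLE):
        print(f"line {index}: {ext} file name of {length} bytes exceeds {MAX_NAME}")
```

A file name of exactly 4096 bytes is not flagged, because the advisory gives the condition as "over 4096 bytes".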

Affected Products

Macromedia JRun 4.0 and earlier versions, and Macromedia ColdFusion MX 6.0


Impact

Compromise of the affected system.

Recommended Actions

For ColdFusion, apply the patch from the following web site:
For JRun, apply the patch from the following web site:

CVE References

CVE-2002-1309, CVE-2002-1310