Intrusion Prevention

Macromedia.ISAPI.GET.Buffer.Overflow

Description

This indicates a possible exploit of a heap-based buffer overflow vulnerability in the IIS ISAPI handler in Macromedia ColdFusion 6.0 and Macromedia JRun 4.0.
This vulnerability may allow an attacker to execute arbitrary code on Microsoft IIS web servers running vulnerable versions of Macromedia ColdFusion or JRun. This is due to the IIS ISAPI handler's failure to bounds check HTTP GET requests that are passed to it. When exploiting this vulnerability in JRUN, an attacker may send specially crafted HTTP GET requests with a long .cfm file name. In ColdFusion, a long .jsp file name is sent. If the size of the file name is over 4096 bytes, a buffer overrun occurs which leads to arbitrary code execution.

Affected Products

Macromedia JRun 4.0 and earlier versions and Macromedia Coldfusion MX 6.0

Impact

Compromise of the affected system.

Recommended Actions

For ColdFusion, apply the patch from the following web site:
http://www.macromedia.com/v1/handlers/index.cfm?ID=23161
For JRun, apply the patch from the following web site:
http://www.macromedia.com/v1/handlers/index.cfm?ID=23500

CVE References

CVE-2002-1309 CVE-2002-1310