Adobe.JRun.Logviewer.Jsp.Directory.Traversal
Description
This indicates an attack attempt against a directory traversal vulnerability in Adobe JRun.
A vulnerability has been reported in Adobe JRun that may allow an attacker to gain knowledge of sensitive information on a vulnerable system. This is possible because the user input filters fail to properly sanitize the logfile parameter value that is passed to "logviewer.jsp". An attacker may read any file on the vulnerable server by sending a crafted http request.
Affected Products
Adobe JRun version 4.0
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Refer to the vendor's web site for suggested workaround:
http://www.adobe.com/support/security/bulletins/apsb09-12.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |