Vulnerability Database

296,746

Total vulnerabilities in the database

CVE-2004-2182

Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server.

Published: Dec 31, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-2182
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
macromedia / jrun	4.0-sp1a	4.0-sp1a.x
macromedia / jrun	4.0-sp1	4.0-sp1.x
macromedia / jrun	4.0	4.0.x
macromedia / jrun	4.0_build_61650	4.0_build_61650.x

http://www.macromedia.com/devnet/security/security_zone/mpsb04-08.html
http://www.securityfocus.com/bid/11414

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo