Test ID:	1.3.6.1.4.1.25623.1.0.900823
Category:	Windows
Title:	Adobe JRun 4.0 Management Console Multiple Vulnerabilities (APSB09-12)
Summary:	Adobe JRun is prone to multiple vulnerabilities.
Description:	Summary: Adobe JRun is prone to multiple vulnerabilities. Vulnerability Insight: - Multiple XSS vulnerabilities exist due to error in the Management Console which can be exploited to inject arbitrary web script or HTML via unspecified vectors. - A Directory traversal attack is possible due to error in logging/logviewer.jsp in the Management Console which can be exploited by authenticated users to read arbitrary files via a .. (dot dot) in the logfile parameter. Vulnerability Impact: Successful exploitation could allow remote attackers to cause XSS attacks or Directory Traversal attack using the affected application. Affected Software/OS: Adobe JRun version 4.0 on Windows. Solution: Apply the security updates from the referenced advisories. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1873 Bugtraq: 20090817 [DSECRG-09-052] Adobe JRun 4 Directory Traversal Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/505808/100/0/threaded https://www.exploit-db.com/exploits/9443 http://www.dsecrg.com/pages/vul/show.php?id=152 http://osvdb.org/57186 Common Vulnerability Exposure (CVE) ID: CVE-2009-1874 Bugtraq: 20090817 [DSECRG-09-051] Adobe JRun 4 Multiple XSS (Google Search) http://www.securityfocus.com/archive/1/505804/100/0/threaded http://www.dsecrg.com/pages/vul/show.php?id=151 http://osvdb.org/57187
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.