|
Description
|
|
Multiple vulnerabilities have been identified in Adobe JRun, which could be exploited by attackers to gain knowledge of sensitive information.
The first issue is caused by an input validation error in the management console (logging/logviewer.jsp) when processing the "logfile" parameter, which could be exploited to conduct directory traversal attacks.
The second vulnerability is caused by input validation errors in the management console when processing user-supplied data, which could be exploited by authenticated attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected site.
|
