PT-2001-2598 · Macromedia · Macromedia JRun

Published 2001-12-31 · Updated 2008-09-10 · CVE-2001-1513

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Macromedia JRun versions 3.0 through 3.1

Description

The issue allows remote attackers to obtain duplicate active user session IDs and perform actions as other users. This can be achieved by making a URL request for the web application directory without the trailing '/' (slash).

Recommendations

For Macromedia JRun versions 3.0 through 3.1, ensure that URL requests for the web application directory include a trailing '/' (slash) to prevent duplicate active user session IDs from being obtained. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2001-1513

Affected Products

Macromedia JRun