Macromedia JRun Unauthorized Session Access Vulnerability

Macromedia JRun Unauthorized Session Access Vulnerability

Macromedia JRun is affected by a vulnerability that may allow a user's session to be shared with another user.

Under certain circumstances, two users may share the same session facilitating various attacks including a compromise of the user's account.

It should be noted that this issue cannot be triggered by an attacker and occurs rarely.

JRun 4.0, ColdFusion MX 7.0 Enterprise Multi-Server Edition, and ColdFusion MX 6.1 Enterprise with JRun are affected by this vulnerability.