<?xml version="1.0" encoding="UTF-8"?>
<VrdaData refvuldefversion="1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://vrda.jpcert.or.jp" xsi:schemaLocation="http://vrda.jpcert.or.jp/feed/xsd/vrda_data.xsd">
  <VrdaDataProvider>
    <Name>JVN iPedia</Name>
    <URL>http://jvndb.jvn.jp</URL>
  </VrdaDataProvider>
  <VrdaDataSourceType>Advisory</VrdaDataSourceType>
  <Vulinfo revisionno="1" lang="ja" invalidated="false">
    <VulinfoID>JVNDB-2000-000252</VulinfoID>
    <VulinfoData>
      <Title>macromedia&#12398;jrun&#12395;&#12362;&#12369;&#12427;&#19981;&#29305;&#23450;&#12398;&#33030;&#24369;&#24615;</Title>
      <VulinfoDescription>
        <Overview>Allaire JRun 2.3.3 &#12469;&#12540;&#12496;&#12540;&#12399;&#12289;&#12522;&#12514;&#12540;&#12488;&#12398;&#25915;&#25731;&#32773;&#12364;&#12463;&#12525;&#12473;&#12469;&#12452;&#12488;&#12473;&#12463;&#12522;&#12503;&#12486;&#12451;&#12531;&#12464;&#65288;XSS&#65289;&#25915;&#25731;&#12434;&#20171;&#12375;&#12390;JSP&#12467;&#12540;&#12489;&#12434;&#25407;&#20837;&#12375;&#12289;com.livesoftware.jrun.plugins.JSP &#12469;&#12540;&#12502;&#12524;&#12483;&#12488;&#12434;&#30452;&#25509;&#21628;&#12403;&#20986;&#12375;&#12390;JSP&#12467;&#12540;&#12489;&#12434;&#12467;&#12531;&#12497;&#12452;&#12523;&#12362;&#12424;&#12403;&#23455;&#34892;&#12391;&#12365;&#12427;&#33030;&#24369;&#24615;&#12434;&#21547;&#12435;&#12391;&#12356;&#12414;&#12377;&#12290;</Overview>
      </VulinfoDescription>
      <Affected>
        <AffectedItem affectedstatus="vulnerable">
          <Lapt>cpe:/a:macromedia:jrun</Lapt>
        </AffectedItem>
      </Affected>
      <FactAnalysis>
        <AccessComplexity>Low</AccessComplexity>
        <AccessVector>Network</AccessVector>
        <Authentication>None</Authentication>
        <AvailabilityImpact>Complete</AvailabilityImpact>
        <ConfidentialityImpact>Complete</ConfidentialityImpact>
        <IntegrityImpact>Complete</IntegrityImpact>
      </FactAnalysis>
      <Related>
        <RelatedItem relationtype="self" origin="jvnipedia">
          <URL>https://jvndb.jvn.jp/ja/contents/2000/JVNDB-2000-000252.html</URL>
        </RelatedItem>
        <RelatedItem relationtype="alternate" origin="other">
          <Name>Common Vulnerabilities and Exposures (CVE)</Name>
          <VulinfoID>CVE-2000-1053</VulinfoID>
          <URL>https://www.cve.org/CVERecord?id=CVE-2000-1053</URL>
        </RelatedItem>
        <RelatedItem relationtype="alternate" origin="other">
          <Name>National Vulnerability Database (NVD)</Name>
          <VulinfoID>CVE-2000-1053</VulinfoID>
          <URL>https://nvd.nist.gov/vuln/detail/CVE-2000-1053</URL>
        </RelatedItem>
        <RelatedItem relationtype="reference" origin="other">
          <Name>Allaire</Name>
          <VulinfoID>Squarespace - Domain Not Claimed</VulinfoID>
          <URL>http://www.allaire.com/handlers/index.cfm?ID=17969&amp;Method=Full</URL>
        </RelatedItem>
        <RelatedItem relationtype="reference" origin="other">
          <Name>JVNDB</Name>
          <VulinfoID>CWE-Other</VulinfoID>
          <Title>&#12381;&#12398;&#20182;</Title>
          <URL>https://www.ipa.go.jp/security/vuln/scap/cwe.html</URL>
        </RelatedItem>
        <RelatedItem relationtype="reference" origin="other">
          <Name>&#38306;&#36899;&#25991;&#26360;</Name>
          <VulinfoID>Allaire JRun Server JSP files could be executed as JSP scripts on the server CVE-2000-1053 Vulnerability Report</VulinfoID>
          <URL>https://exchange.xforce.ibmcloud.com/vulnerabilities/5406</URL>
        </RelatedItem>
        <RelatedItem relationtype="reference" origin="other">
          <Name>&#38306;&#36899;&#25991;&#26360;</Name>
          <VulinfoID>'Allaire JRUN 2.3 Remote command execution' - MARC</VulinfoID>
          <URL>http://marc.info/?l=bugtraq&amp;m=97236125107957&amp;w=2</URL>
        </RelatedItem>
      </Related>
      <DateFirstPublished>2026-07-03T11:06:25+09:00</DateFirstPublished>
      <DateLastUpdated>2026-07-03T11:06:25+09:00</DateLastUpdated>
    </VulinfoData>
  </Vulinfo>
</VrdaData>
