CERT Advisory CA-2002-14 - A remotely exploitable buffer overflow in Macromedia JRun v3.0 and 3.1 when running with IIS 4 or 5 allows remote attackers to execute code with SYSTEM privileges. According to Macromedia, JRun is deployed at over 10,000 organizations worldwide.
cee2fc10d87afb680259c6f67e016f6345d10f40911ebac451a3ef50ee172dd7