I have been asked by Macromedia to point out that the cumulative patch for JRun 3.1 found at http://www.macromedia.com/v1/Handlers/index.cfm?ID=22273&Method=Full also addresses the buffer overflow vulnerability discussed in our advisory, number #NISR29052002. Customers not wishing to upgrade to Version 4 should install this patch. Thanks, David Litchfield http://www.ngssoftware.com/
