Adobe patches the four critical vulnerabilities in ColdFusion

Posted: January 17, 2013 in IT Security News, Security Notices
Tags: , ,

Adobe Logo

Vulnerabilities in Adobe ColdFusion

Company Adobe released a security update for its scripting language ColdFusion.

According to the message of developers, at the time of emergence of updatings the corrected vulnerabilities actively were operated by malicious software in such versions of the program, as 10, 9.0.2, 9.0.1 and 9 for the Windows, Mac OS X and UNIX operating systems.

Let’s remind, earlier the company already reported that these gaps allow the removed malefactor to bypass the authentication mechanism, to get access to the protected directories, and also complete control over system. All eliminated Adobe of vulnerability contain in ColdFusion of versions 9.x. Thus two gaps are present also at version 10 ColdFusion.

Developers company recommends users install the security update as soon as possible. To this end, the company has published instructions on set of updates that as a result of disconnected RDS service (default).

More information about the vulnerability description here.

Hotfix available for ColdFusion:

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s