Adobe ColdFusion Multiple Vulerabilities
Last Update Date:
16 Jan 2013
Release Date:
8 Jan 2013
5685
Views
RISK: High Risk
TYPE: Servers - Internet App Servers
Multiple vulnerabilities have been identified in Adobe ColdFusion. A remote user can gain access to the target system, and obtain potentially sensitive information.
- A remote user can bypass authentication and take control of the target system, and gain access to restricted directories. Only systems with password protection disabled or with no password set are affected.
- A remote user can obtain potentially sensitive information.
Note: The vulnerabilities are being exploited in the wild.
Impact
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Versions 9.0, 9.0.1, 9.0.2, 10
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply hotfix: [Update on 16/01/2013]
http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-03.html
Vulnerability Identifier
Source
Related Link
Share with