ColdFusion 10,9.0.2, 9.0.1, 9.0, and earlier versions for Windows, Macintosh, and UNIX vulnerable.
Adobe has Released Security Advisory for ColdFusion.
In fact what was a oDay, it is now
identify, Adobe has identified a critical vulnerability affecting ColdFusion
10,9.0.2, 9.0.1, 9.0, and earlier
versions for Windows, Macintosh, and UNIX. This vulnerability (CVE-2013-3336) could allow an unauthorized user to remotely retrieve files stored on a server. There are reports that an exploit of this vulnerability is publicly available. Connectikpeople recommends users review Adobe Security Advisory APSA13-03 here!
Note: the
advisory indicates that the solution does not correct the vulnerability, but it
may help mitigate the risk of exposure to this issue.versions for Windows, Macintosh, and UNIX. This vulnerability (CVE-2013-3336) could allow an unauthorized user to remotely retrieve files stored on a server. There are reports that an exploit of this vulnerability is publicly available. Connectikpeople recommends users review Adobe Security Advisory APSA13-03 here!
