In association with heise online

12 September 2012, 11:42

Adobe fixes ColdFusion security vulnerability

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Adobe ColdFusion logo On the same day as Microsoft's September Patch Tuesday, Adobe released an update for ColdFusion to close a security hole in its rapid web application development software. The hotfix for ColdFusion addresses a vulnerability (CVE-2012-2048), which the company rates as important, that could be exploited by a remote attacker to cause a denial-of-service (DoS) condition.

According to Adobe, the unspecified error affects versions 8.0, 8.0.1, 9.0 to 9.0.2, and 10 of ColdFusion for Windows, Mac OS X and UNIX. Installing the provided hotfix corrects the problem; download links and installation instructions for each affected version are provided on the APSB12-21 technote page. All users are advised to download and apply the hotfix. Adobe credits UK developer David Boyer for finding and reporting the problem.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit