Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Adobe ColdFusion Information Disclosure InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Adobe ColdFusion Information Disclosure

Published: 2010-02-02
Last Updated: 2010-02-02 01:22:06 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

Adobe has released information on an important vulnerability (CVE-2010-0185) identified in ColdFusion 9.0. This could allow access to collections created by the Solr Service to be accessed from any external machine using a specific URL.

Adobe recommends that users update their product installations using the instructions provided here.


Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

Le cours SANS SEC 503 sera offert en français en mai 2010 à Nice, France. Pour plus d'information, suis ce lien.

Keywords: Adobe Coldfusion
0 comment(s)
Diary Archives