Adobe has released information on an important vulnerability (CVE-2010-0185) identified in ColdFusion 9.0. This could allow access to collections created by the Solr Service to be accessed from any external machine using a specific URL.

Adobe recommends that users update their product installations using the instructions provided here.

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

Le cours SANS SEC 503 sera offert en français en mai 2010 à Nice, France. Pour plus d'information, suis ce lien.