Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Adobe ColdFusion Information Disclosure InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Adobe ColdFusion Information Disclosure

Published: 2010-02-02
Last Updated: 2010-02-02 01:22:06 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

Adobe has released information on an important vulnerability (CVE-2010-0185) identified in ColdFusion 9.0. This could allow access to collections created by the Solr Service to be accessed from any external machine using a specific URL.

Adobe recommends that users update their product installations using the instructions provided here.

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

Le cours SANS SEC 503 sera offert en français en mai 2010 à Nice, France. Pour plus d'information, suis ce lien.

Keywords: Adobe Coldfusion
0 comment(s)
Diary Archives