ColdFusion Security Hotfixes Released

coldfusion Adobe posted several critical hotfixes for ColdFusion and JRun yesterday in Security Bulletin APSB09-12.

I discovered one of the XSS vulnerabilities, and I will post details about it soon. In the mean time, please patch your servers.


This entry was:

Hotfix for CF8 FCKeditor Vulnerability Released

coldfusion Adobe has just released a security hotfix for the FCKeditor vulnerability in Coldfusion 8.

Also of Note, Adobe's Terry Ryan posted a blog entry today detailing How to report a ColdFusion Security Issue to Adobe.


This entry was:

ColdFusion 8 FCKeditor Vulnerability

coldfusion There have been a few stories about a vulnerability in FCKeditor that is bundled with ColdFusion 8, first on SANS and now on The Register.

The FCKeditor ColdFusion connector isn't enabled on all CF installations, I think if you installed a fresh 8.0.


This entry was:

foundeo


did you hack my cf?