Pete Freitag Pete Freitag Now Detects BlazeDS Vulnerability

Updated on December 07, 2023
By Pete Freitag

I've just finished updating the ColdFusion security scanner to detect the BlaseDS Vulnerability APSB10-05 announced in February 2010. As you hopefully know, this vulnerability also effects ColdFusion 7-9, because it has BlaseDS installed by default. So make sure and patch your servers, this vulnerability allows an attacker to read any file on your server that ColdFusion has permission to read, which can make it very easy for an attacker to break in in many cases.

Head over to and see if we are detecting the vulnerability on your server (note that even if we are not detecting it, you should still make sure you have applied this important patch).

Big thanks to Joshua Cyr for providing me with some helpful information about this vulnerability.

coldfusion security blaseds flash flash remoting hackmycf Now Detects BlazeDS Vulnerability was first published on April 27, 2010.

If you like reading about coldfusion, security, blaseds, flash, flash remoting, or hackmycf then you might also like:


The Fixinator Code Security Scanner for ColdFusion & CFML is an easy to use security tool that every CF developer can use. It can also easily integrate into CI for automatic scanning on every commit.

Try Fixinator

The weekly newsletter for the CFML Community