CERT mailing list archives
Current Activity - Adobe Releases Security Advisory for ColdFusion
From: Current Activity <us-cert () us-cert gov>
Date: Thu, 9 May 2013 10:12:55 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Awareness System Adobe Releases Security Advisory for ColdFusion Original release date: May 09, 2013 Adobe has identified a critical vulnerability affecting ColdFusion 10, 9.0.2, 9.0.1, 9.0, and earlier versions for Windows, Macintosh, and UNIX. This vulnerability (CVE-2013-3336) could permit an unauthorized user to remotely retrieve files stored on a server. There are reports that an exploit of this vulnerability is publicly available. US-CERT recommends users and administrators review Adobe Security Advisory APSA13-03. Please note that the advisory indicates that the workaround does not correct the vulnerability, but it may help mitigate the risk of exposure to this issue. US-CERT will provide additional information as it becomes available. Relevant URL(s): <http://www.us-cert.gov/privacy/> <http://www.adobe.com/support/security/advisories/apsa13-03.html> <http://www.us-cert.gov/privacy/notification> ____________________________________________________________________ Produced by US-CERT, a government organization. ____________________________________________________________________ This product is provided subject to this Notification: http://www.us-cert.gov/privacy/notification/ Privacy & Use policy: http://www.us-cert.gov/privacy/ This document can also be found at http://www.us-cert.gov/ncas/current-activity/2013/05/09/Adobe-Releases-Security-Advisory-ColdFusion For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/mailing-lists-and-feeds/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEUAwUBUYuu3XdnhE8Qi3ZhAQKMSAf4sComXRH/Jh88oVRzBA8t/34VkfCLs0Cj 36Ttt5/GHjSJvfFu+22D41xPWLWLenjlIozdkkcldyw9xzGcuIGGt23bvO6lxzps WcMzq+TeaJi9QWBllsixYBilGTHZYRSsRXzerykxKbxou5gechgTkFjy70AxDD0o HIpet938WxpFquEbIcKLOIiqiYUeSI4cCV5UzxubdSYQupO1MKeg6LdskFiNYLz2 qPt+bhRmbZ1Ifs/qbiMae58n21SFugpANSGZVu45ZOrEvhjD6DK1B5EIQA0h5MN2 LcydFM6k47FC+nx0pCo6a4UAD1BwweXCIvmYp7n5m8ogXdaQJpya =ZkfI -----END PGP SIGNATURE-----
Current thread:
- Current Activity - Adobe Releases Security Advisory for ColdFusion Current Activity (May 09)