CERT mailing list archives
Adobe Releases Security Update for ColdFusion
From: "US-CERT" <US-CERT () public govdelivery com>
Date: Wed, 15 May 2013 06:38:37 -0500
US Computer Emergency Readiness Team banner graphic National Cyber Awareness System: Adobe Releases Security Update for ColdFusion [ https://www.us-cert.gov/ncas/current-activity/2013/05/09/Adobe-Releases-Security-Advisory-ColdFusion ] 05/09/2013 09:52 AM EDT Original release date: May 09, 2013 | Last revised: May 14, 2013 Adobe has released a security hotfix for ColdFusion 10, 9.0.2, 9.0.1, and 9.0 for Windows, Macintosh, and UNIX. This hotfix addresses a vulnerability (CVE-2013-1389) that could allow a remote attacker to execute arbitrary code and a vulnerability (CVE-2013-3336) that could permit an unauthorized user to remotely retrieve files stored on the server. There are reports that this vulnerability is being exploited in the wild. US-CERT recommends that users and administrators review Adobe Security Advisory APSA13-03 [ http://www.adobe.com/support/security/advisories/apsa13-03.html ] and Adobe Security Bulletin APSB13-13 [ http://www.adobe.com/support/security/bulletins/apsb13-13.html ] and follow best-practice security policies to determine if their organization is affected and the appropriate response. ________________________________________________________________________ This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy & Use [ http://www.us-cert.gov/privacy/ ] policy. ________________________________________________________________________ OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ http://www.us-cert.gov/related-resources ] STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]
Current thread:
- Adobe Releases Security Update for ColdFusion US-CERT (May 15)