Infesting you with Virus News
 

News

Contributed by: Lauren Gerber
Date: August 19, 2009
Lauren Gerber
1
Vote
0

Hotfixes Released For The Adobe ColdFusion Glitches
 

ColdFusion.png

No matter how many updates or fixes we apply, the simple reality of the situation is that more vulnerabilities will emerge. It is almost like we are unable to enjoy the wonderful benefits of the World Wide Web without experiencing some vulnerabilities. In retrospect this is a small price to pay for all the wonderful benefits that the vast online world has to offer. It is exciting and important to acknowledge that various hotfixes have been released in order to combat the Adobe ColdFusion vulnerabilities. Before you apply the fixes it may be in your best interest to have some knowledge about the vulnerabilities that were the reason for these fixes.

For those of you who may be wondering if Adobe ColdFusion is a part of Adobe, the answer is yes of course it is. Not only is Adobe ColdFusion a part of Adobe, it also is geared to create fantastic online applications. The wonderful aspect with regard to Adobe ColdFusion is that it caters for I.T environment sizes. This means you can make use of ColdFusion for any implementations, such as  a variety of business applications. One of the files of Adobe ColdFusion include the following: CFML.EXE.

One of the impacts of these vulnerabilities is the use of cross site scripting attacks, which could prove disastrous to users and lead to illegitimate code execution. The code will actually come from the site that is running the ColdFusion software; it will adequately run within the context of that specific site. The code will then allow access to authentication cookies and others associated with that site.

Affected Operating Systems:
Linux (Any)
UNIX  (AIX)
UNIX  (OS X)
UNIX  (Solaris - SunOS)
Windows(2000)
Windows(2003)
Windows(Vista)
Windows(XP)

Table 1. Affected operating systems

An online attacker could also gain access to elevated privileges and perform various malicious activities. This will further lead to the access of highly confidential information, with the inclusion of users passwords and the ability to modify certain user information. In order to remain safe it is important for all Adobe ColdFusion users to apply the hotfixes which have recently become available.

Resources:
The original advisory.
One of the hotfixes for this vulnerability.
One of the companies that discovered one the vulnerabilities.

User Comments

Name:
Email:
Website:
Comment:
Please type 5-digit security code below:
Captcha image for spam protection

Featured Videos

Registry Tutorials
From: PC1News Videos
Added: June 13, 2009
more videos

Software Downloads

SpyHunter V.3
Free Spyhunter Scanner (Spyware/Trojan Detection). DETECT Spyware, Trojans, Worms, Viruses and malware on your PC absolutely FREE.
Download now
Registry Mechanic 8
Award Winning software, Fixes registry and improves computer performance. Created by a division of Symantec, this tool will scan your registry and find errors that can be later cleaned either individually or all together.
Download now
SpywareBlaster 4.1
The tool is used to prevent the installation of spyware and other potentially unwanted software. As soon as you download it, you will be able to protect your system.
Download now

Latest Comments

Mal/PdfEx-C
March 15, 2010
hello I have Mal/PDFEx-D and Mal/PDFJs-B and Troj/JavaDl-E on my computer now and am trying to get them... more..
O12Conv.msi
March 15, 2010
s3tcv more..
sysmngsr322.exe
March 15, 2010
How to remove this threat more..
more comments..
rss
Home | Files | Programs | Latest Comments | About us | Privacy Policy | Contributors | Contact Us
© 2008 - 2010 pc1news.com - All rights reserved.
Home  Tips  Downloads Videos Virus List Vulnerabilities
Home > Computer Security > Hotfixes Released For The Adobe ColdFusion Glitches