Adobe issues ColdFusion fix

By on
Adobe issues ColdFusion fix

Vulnerabilities grant remote authentication bypass.

In brief: Adobe has patched a hole in ColdFusion to close critical vulnerabilities that allow attackers to bypass authentication and remotely hijack servers. 

Four of the flaws (CVE-2013-0625, CVE-2013-0629, CVE-2013-0631 and CVE-2013-0632) are already exploited in the wild.

The patched holes include an authentication bypass, directory traversal, and a vulnerability that results in result in information disclosure from compromised servers.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:
adobe coldfusion patching security

Sponsored Whitepapers

Five questions to ask before you upgrade to a SIEM solution
Five questions to ask before you upgrade to a SIEM solution
Effectively addressing advanced threats
Effectively addressing advanced threats
The risky business of open source
The risky business of open source
Ensure your e-signatures are legally binding
Ensure your e-signatures are legally binding
Mitigating open source risk in your organisation
Mitigating open source risk in your organisation

Events

Most Read Articles

Telstra blasts plan to 'set aside' mobile spectrum for Optus and TPG, but not it

Telstra blasts plan to 'set aside' mobile spectrum for Optus and TPG, but not it
Defence switches on initial SAP ERP system capability

Defence switches on initial SAP ERP system capability
Downer lands $330m Telstra field services contract

Downer lands $330m Telstra field services contract
Tyro halts trading following week-long outage

Tyro halts trading following week-long outage
You must be a registered member of iTnews to post a comment.
| Register

Log In

Username / Email:
Password:
  |  Forgot your password?