Adobe has released patches to address multiple security vulnerabilities in its ColdFusion web development tool and JRun Java administration tool.
The updates address vulnerabilities in both applications that could allow an attacker to potentially take control and remotely execute code on a targeted system.
The ColdFusion update addresses five vulnerabilities in versions 7.0.2, 8 and 8.0.1 of the web application development platform. The severity of the five flaws range form escalation of privileges to information disclosure and remote code execution.
The JRun patch addresses two vulnerabilities. One flaw could potentially allow an attacker to remotely execute code via a cross-site-scripting attack, while the second flaw could allow for information disclosure.
Adobe said that the issues addressed in both updates were considered to be critical risks and the company advised users and administrators running either application to install the updates.
The updates from Adobe come one week after Microsoft released its monthly security update.
That release included fixes for vulnerabilities in Windows and Office, including fixes for five critical vulnerabilities.
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
