Adobe rolls out security updates

Adobe has released patches to address multiple security vulnerabilities in its ColdFusion web development tool and JRun Java administration tool.

The updates address vulnerabilities in both applications that could allow an attacker to potentially take control and remotely execute code on a targeted system.

The ColdFusion update addresses five vulnerabilities in versions 7.0.2, 8 and 8.0.1 of the web application development platform. The severity of the five flaws range form escalation of privileges to information disclosure and remote code execution.

The JRun patch addresses two vulnerabilities. One flaw could potentially allow an attacker to remotely execute code via a cross-site-scripting attack, while the second flaw could allow for information disclosure.

Adobe said that the issues addressed in both updates were considered to be critical risks and the company advised users and administrators running either application to install the updates.

The updates from Adobe come one week after Microsoft released its monthly security update.

That release included fixes for vulnerabilities in Windows and Office, including fixes for five critical vulnerabilities.