[thelist] CF Security hole found

Raymond Camden jedimaster at macromedia.com
Wed Jul 11 08:27:19 CDT 2001


During a routine internal security audit of Macromedia
ColdFusion, Macromedia discovered two important security
issues that affect ColdFusion Server versions 2.0 through
4.5.1 SP2.

We have released a Security Bulletin about these issues
and a patch for ColdFusion Server versions 3.1.1, 4.0, 4.0.1,
4.5, 4.5.1 SP1, and 4.5.1 SP2 (all editions).

We are strongly encouraging customers to review the new
Macromedia Product Security Bulletin (MPSB01-07) and to
install the patch as quickly as possible. You can find the
security bulletin and the patch in the Security Zone at:

http://www.allaire.com/security

~~~~~~~
MPSB01-07:  Macromedia releases patch that addresses
ColdFusion security issues.

Please note, the security issues DO NOT affect ColdFusion
Server 5.

p.s. Guys/gals - I figure since we at least a few CF people here that this
would be welcome information. If I'm wrong, please let me know!

=======================================================================
Raymond Camden, Principal Spectra Compliance Engineer for Macromedia

Email   : jedimaster at macromedia.com
ICQ UIN : 3679482

"My ally is the Force, and a powerful ally it is." - Yoda






More information about the thelist mailing list