CERT mailing list archives
Adobe Releases Security Update for Adobe ColdFusion
From: "US-CERT" <US-CERT () ncas us-cert gov>
Date: Wed, 13 Nov 2013 08:11:25 -0600
NCCIC / US-CERT National Cyber Awareness System: Adobe Releases Security Update for Adobe ColdFusion [ https://www.us-cert.gov/ncas/current-activity/2013/11/13/Adobe-Releases-Security-Update-Adobe-ColdFusion ] 11/13/2013 07:29 AM EST Original release date: November 13, 2013 Adobe has released a security hotfix for ColdFusion versions 10, 9.0.2, 9.0.1, and 9.0 for Windows, Macintosh and Linux to address multiple vulnerabilities. This hotfix addresses a reflected cross site scripting vulnerability (CVE-2013-5326) that could be exploited by a remote, authenticated user and a vulnerability (CVE-2013-5328) that could permit unauthorized remote read access. US-CERT recommends users and administrators review Adobe Security Advisory APSB13-27 [ http://www.adobe.com/support/security/bulletins/apsb13-27.html ] and follow best practice security policies to determine if their organization is affected and the appropriate response. ________________________________________________________________________ This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy & Use [ http://www.us-cert.gov/privacy/ ] policy. ________________________________________________________________________ OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ http://www.us-cert.gov/related-resources ] STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]
Current thread:
- Adobe Releases Security Update for Adobe ColdFusion US-CERT (Nov 13)