Adobe Releases Security Update for Adobe ColdFusion

["US-CERT" <US-CERT () ncas us-cert gov>]

NCCIC / US-CERT

National Cyber Awareness System:

Adobe Releases Security Update for Adobe ColdFusion [ 
https://www.us-cert.gov/ncas/current-activity/2013/11/13/Adobe-Releases-Security-Update-Adobe-ColdFusion ] 11/13/2013 
07:29 AM EST 
Original release date: November 13, 2013

Adobe has released a security hotfix for ColdFusion versions 10, 9.0.2, 9.0.1, and 9.0 for Windows, Macintosh and Linux 
to address multiple vulnerabilities. This hotfix addresses a reflected cross site scripting vulnerability 
(CVE-2013-5326) that could be exploited by a remote, authenticated user and a vulnerability (CVE-2013-5328) that could 
permit unauthorized remote read access.

US-CERT recommends users and administrators review Adobe Security Advisory APSB13-27 [ 
http://www.adobe.com/support/security/bulletins/apsb13-27.html ] and follow best practice security policies to 
determine if their organization is affected and the appropriate response.

________________________________________________________________________

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy 
& Use [ http://www.us-cert.gov/privacy/ ] policy.

________________________________________________________________________

OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ 
http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ 
http://www.us-cert.gov/related-resources ] 

STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]