Your one-stop web resource providing safety and security information to manufacturers

Adobe released a security hotfix for web application development platform ColdFusion 9.0.1 and earlier versions for Windows, Mac, and Unix.

The hotfix resolves an HTTP response splitting vulnerability in the ColdFusion component browser.

Adobe Patches ColdFusion Flaw
After Patch, APT’s Still Hit
Adobe Mac Updates Silenced
Critical Flash Player Hole Closed

The vulnerability “could add or modify additional headers, which might cause unexpected behavior,” Adobe said in its security update.

Adobe classified the vulnerabililty as “important” and gave it a priority rating of 2.

Cyber Security

Adobe acknowledged the help of Michael Dominice, Yoshi Russell of Intelligent Software Solutions, and Stephen Duncan of Intelligent Software Solutions in identifying and fixing the ColdFusion vulnerability.

In March, Adobe issued a patch for a ColdFusion vulnerability that put users at risk for denial of service (DoS) attacks. The flaw also rated as important and had a priority rating of 2.

“This vulnerability could lead to a denial of service attack using a hash algorithm collision,” Adobe said at that time.

Pin It on Pinterest

Share This