Adobe ColdFusion exploit spreading

Share this article:

An exploit targeting a critical vulnerability in Adobe's ColdFusion application servers has been identified, according to a security advisory. Versions running on Windows, Macintosh and UNIX are affected.

The vulnerability (CVE-2013-3336) would allow an intruder to remotely siphon any files stored on the server. Adobe recommends users should restrict public access to administrator directors and reference ColdFusion best practices.

Adobe expects to resolve the issue with a “hotfix”, to be released Tuesday, the next scheduled update. This announcement comes on the heels of a “low-severity” issue in Reader and Acrobat that would allow someone to track a PDF document.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Study: Canada C-Suite execs say companies prepared for threats

A survey of Canadian business execs found that just over a quarter had experienced a cyber attack.

PHP vulnerabilities patched

Developers patched multiple vulnerabilities in PHP that would have allowed remote code execution.

Pennyslvania man sentenced after 'swatting' prank

Pennyslvania man sentenced after 'swatting' prank

David Barnhouse was sentenced to 18 months in prison after he hacked into a neighbor's Verizon FiOS router to post a bomb threat on a Pennsylvania mall's website.