Adobe ColdFusion exploit spreading

Share this article:

An exploit targeting a critical vulnerability in Adobe's ColdFusion application servers has been identified, according to a security advisory. Versions running on Windows, Macintosh and UNIX are affected.

The vulnerability (CVE-2013-3336) would allow an intruder to remotely siphon any files stored on the server. Adobe recommends users should restrict public access to administrator directors and reference ColdFusion best practices.

Adobe expects to resolve the issue with a “hotfix”, to be released Tuesday, the next scheduled update. This announcement comes on the heels of a “low-severity” issue in Reader and Acrobat that would allow someone to track a PDF document.

Share this article:

Sign up to our newsletters

More in News

Firefox 32 feature could cut undetected malware downloads 'in half'

Mozilla plans to introduce a feature in Firefox 32 that, based on preliminary testing, could cut the amount of undetected malware downloads in half.

EFF asks court to find NSA internet spying a violation of Fourth Amendment

EFF asks court to find NSA internet spying ...

Complete with a colorful graphic, the EFF showed a federal court how the NSA essentially runs a digital dragnet that can pick up innocent Americans.

Study: Asian Android users at higher risk of malware exposure

Cheetah Mobile's new study showed that Asian Android users have a two to three times greater risk of downloading malware onto their devices.