Adobe ColdFusion exploit spreading

Share this article:

An exploit targeting a critical vulnerability in Adobe's ColdFusion application servers has been identified, according to a security advisory. Versions running on Windows, Macintosh and UNIX are affected.

The vulnerability (CVE-2013-3336) would allow an intruder to remotely siphon any files stored on the server. Adobe recommends users should restrict public access to administrator directors and reference ColdFusion best practices.

Adobe expects to resolve the issue with a “hotfix”, to be released Tuesday, the next scheduled update. This announcement comes on the heels of a “low-severity” issue in Reader and Acrobat that would allow someone to track a PDF document.

Share this article:

Sign up to our newsletters

More in News

Five schools earn NSA's excellence in cyber ops distinction

The schools earned NSA's Centers for Academic Excellence designation for their cyber offerings.

With RATs at their disposal, 419 scammers target businesses

With RATs at their disposal, 419 scammers target ...

A new report reveals how Nigeria's 419 scammers are spreading malware to pocket business funds.

InfoSec pros worried BYOD ushers in security exploits, survey says

InfoSec pros worried BYOD ushers in security exploits, ...

A study by the Information Security Community on LinkedIn found most organizations don't have proper polices and support for BYOD.