Wednesday, September 7, 2016

Adobe ColdFusion Hotfix Available

Adobe have released updated versions of ColdFusion web application development platform. These hotfixes resolve an issue associated with parsing crafted XML entities that could lead to information disclosure (CVE-2016-4264).  

Affected versions:
- ColdFusion 11: update 9 and earlier versions
- ColdFusion 10: update 20 and earlier versions


More information can be read from Adobe's security bulletin.

No comments: