Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Adobe has issued an advisory for seven critical vulnerabilities in its web design and development platforms, ColdFusion and JRun.The vulnerabilities, which affect ColdFusion versions 8.0.1 and earlier, and JRun 4.0, could result in user accounts or an affected system being compromised."Adobe is not currently aware of any exploits in the wild for the security vulnerabilities fixed in this release," according to an Adobe Product Security Incident Response Team blog post. Several cross-site scripting bugs in ColdFusion could potentially lead to code execution. Other bugs in ColdFusion addressed in the update could lead to information disclosure or privilege escalation, Adobe said in its security bulletin. In addition, issues with the management console for JRun could potentially lead to information disclosure or code execution. In July, Adobe fixed a zero-day vulnerability in ColdFusion, which was being used to compromise ColdFusion websites.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.