Wednesday, July 10, 2013

Security update for ColdFusion 9, 10 and Update 11: July 2013

A security update for ColdFusion 9 and ColdFusion 10 is released on 9th July. It fixes an important Denial of Service issue for ColdFusion 9 family running on JRun. There is also an update on ColdFusion 10 which fixes critical vulnerability that could permit an attacker to invoke public methods on ColdFusion CFCs using WebSockets. Complete details can be found at this bulletin and tech-note
If you are on ColdFusion 10, you will see a new update 11 within the ColdFusion administrator. This update includes fix for above mentioned vulnerability as well as 50+ bug fixes. Complete details of the issues fixed can be found in this tech-note.

1 comment:

  1. There is also an update on ColdFusion 10 which fixes critical vulnerability that could permit an attacker to invoke public methods on ColdFusion CFCs using WebSockets. digital door locks

    ReplyDelete

You can subscribe to the comments by licking on "Subscribe by email".