Adobe plans ColdFusion fix in wake of web attacks

07/06, 11:55am

ColdFusion sec. fix soon

A ColdFusion 8 security fix is due to be released this week, says Adobe. Targeted in the patch is a problem with FCKEditor, an open-source application that comes bundled with the ColdFusion suite. The software permits file uploads and management, features which are supposed to be disabled on a ColdFusion server; the connectors can sometimes remain active however, creating a vulnerability. Knowledgeable hackers can call up FCKEditor's file manager, and use it to upload files and gain control of a server.

toggle

Network Headlines

02/15	Sony completes Ericsson stake buyout...
02/15	Apple upgrades iBookstore with screenshots...
02/15	Congress asks Apple to answer questions...
02/15	FLA head describes Foxconn plants as...
02/15	Apple asks to sue bankrupt Kodak in...

Show All

02/15	Sony completes Ericsson stake buyout...
02/15	Congress asks Apple to answer questions...
02/15	FLA head describes Foxconn plants as...
02/15	Apple asks to sue bankrupt Kodak in...
02/15	Apple voluntarily pulls iPads from...

Show All

02/15	Apple upgrades iBookstore with screenshots...
02/15	Congress asks Apple to answer questions...
02/14	Apple attempting to disrupt Siri hacks...
02/14	Readability iOS app delayed, Android...
02/13	Apple launches 2012 back-to-school...

Show All

02/15	Monster iCarPlay Wireless FM Transmitter...
02/14	Refurb. 16GB iPhone 4, now only $259...
02/13	Refurb. Flip UltraHD Pocket Digital...
02/10	$380 off refurbished 2.8GHz Mac Pro...
02/09	iHome Dual Alarm Clock for Apple iPod...