perhaps it might help if a few other people got on their case as well, especially hosts, who will be the main ones who do not like this fix.
On Fri, Sep 14, 2012 at 12:00 PM, David Boyer <[email protected]>wrote: > > >On Tue, Sep 11, 2012 at 7:48 PM, <> wrote: > >> > >> >>i already read tha adobe bulletin, it doesn't really say much. > >> > >> I doubt you will ever see details and description about any possible > attack. > >> It would be too easy for those looking for ideas... > > > >Publication of details of an attack are pretty common. Good guys will > >typically find an attack, alert the people who are in a position to > >fix the product(s), wait for them to confirm it and start on a fix and > >then publish the details of the attack after the vulnerability patch > >has been released. > > Well I think I'm being a good guy so far ;) Contacted Adobe about this, > they've got the fix out and I've been working hard contacting those who I > think are most at risk from the issue itself. I doubt I'll put the details > of the attack out there anytime soon, I'd still feel a bit guilty if it was > taken advantage of, even if it's the fault of someone not updating their > installations. > > I'm still trying to discuss some things with Adobe in relation to this, so > you may get some more information at some point. > > Dave > --- > David Boyer > Blog ---------------- http://misterdai.yougeezer.co.uk > Twitter ------------- http://twitter.com/misterdai > CFML Engine Monitor - http://www.cftracker.net > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352613 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
