During a routine internal security audit of Macromedia
ColdFusion, Macromedia discovered two important security
issues that affect ColdFusion Server versions 2.0 through
4.5.1 SP2.
We have released a Security Bulletin about these issues
and a patch for ColdFusion Server versions 3.1.1, 4.0, 4.0.1,
4.5, 4.5.1 SP1, and 4.5.1 SP2 (all editions).
We are strongly encouraging customers to review the new
Macromedia Product Security Bulletin (MPSB01-07) and to
install the patch as quickly as possible. You can find the
security bulletin and the patch in the Security Zone at:
http://www.allaire.com/security
~~~~~~~
MPSB01-07: Macromedia releases patch that addresses
ColdFusion security issues.
Please note, the security issues DO NOT affect ColdFusion
Server 5.
As a Web application server vendor, the security of the
systems our customers deploy is a top priority. Securing
Web applications, especially those deployed on the Internet,
is complex and involves a wide range of technologies and
methodologies from a variety of vendors. Macromedia uses
the Security Zone in order to better inform our customers
about security issues that may affect them.
In the Security Zone you will find Security Bulletins that
explain important issues, technical briefs, and links to
other resources. In addition, you can subscribe to the
Security Notification Service in order to receive future
Security Bulletins when they are published.
We understand how important security is to our customers,
and we're committed to working to provide a secure platform
for your Web application development. Thank you for your
time and consideration on this issue.
- Security Response Team, Macromedia, Inc.
~~~~
P.S. As a reminder, Macromedia has set up an e-mail
address that customers can use to report security issues
associated with any Macromedia product; that is:
[EMAIL PROTECTED]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
