Thanks for sharing it here, Cam. Do beware, though: for those on 9.0.2, there's a glitch in the hotfix (a missing web-inf.zip within the cf902.zip).
I've added a comment on the blog entry that points to that (http://blogs.coldfusion.com/post.cfm/coldfusion-security-update-for-version -9-and-above), but obviously those who go straight to the technote wouldn't see that. Hopefully Adobe will fix this ASAP. To be clear, this warning is only for those on 9.0.2. Those on 9.0, 9.0.1, or 10 should absolutely proceed with the hotfix as provided. /charlie From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Cameron Childress Sent: Tuesday, January 15, 2013 1:56 PM To: discussion@acfug.org Subject: Re: [ACFUG Discuss] New CF Vulnerability - Check your servers FYI - a hotfix was released today for this vulnerability: http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-03.ht ml -Cameron -- Cameron Childress -- p: 678.637.5072 im: cameroncf facebook <http://www.facebook.com/cameroncf> | twitter <http://twitter.com/cameronc> | google+ <https://profiles.google.com/u/0/117829379451708140985> ------------------------------------------------------------- To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -------------------------------------------------------------
