If you're on Adobe ColdFusion, read this: http://www.carehart.org/blog/client/index.cfm/2013/1/2/Part2_serious_security_threat
quick version: it's a security hole that allows attacker to write a .cfm using AdminAPI. Once that happens, all bets are off: they have the full power of CF at their disposal. Keep in mind that current hot fixes don't address this - you need to lock down specific resources on your servers. As far as I know this affects only Adobe ColdFusion. -- Billy Cravens -- You received this message because you are subscribed to the "Houston ColdFusion Users' Group" discussion list. To unsubscribe, send email to [email protected] For more options, visit http://groups.google.com/group/houcfug?hl=en
