CF Security Update

Posted At : November 14, 2007 12:03 PM
Related Categories: Web Dev

I got an email with a security update bulletin from Adobe yesterday. 

It seems there is some sort of vulnerability via cfid and cftoken regarding session hijacking.  It affects both cf7 and cf8 unless you are using J2EE session management.

Patch can be found here.

If you use shared hosting and your host knows CF well then you are probably all set.  If they don't or your not sure you should let them know about the update.  Also if you don't get secuirty bulletins via email from adobe you should sign up for that today.

On a side note, I find the font color for the link in the security bulletin very hard to differentiate from the text of the page.  Took me a bit to find where to actually download the update.

Comments Comments (0) | Print Print | del.ico.us del.icio.us | Digg It! Digg It! | 2499 Views
TweetBacks
Comments (Comment Moderation is enabled. Your comment will not appear until approved.)

There are no comments for this entry.

[Add Comment] [Subscribe to Comments]

NAVIGATION

Home
About Me

RSS


Search

Subscribe

Enter your email address to subscribe to this blog.

Recent Entries

Google TV Review
Playbook - Developers It's Time To Get Started
cf.Objective 2011 - Speak Your Mind
Timesheets, Project Management, and Invoicing - FreshBooks Review
A New Phase of My Life

Recent Comments

OTA OK?
AnoraDD said: I get 18 of these exact sms's everyday! How do I get it to STOP?!? [More]

Coldfusion Hosting with Network Solutions
LIzm said: Ugh. I have a client who insists on hosting with them and two weeks after first contact, a very simp... [More]

IE nested list item whitespace solution: vertical-align:bottom
Lauren said: Thought I'd add to the thank yous... Thank you! [More]

OTA OK?
Rita said: Thank you, this was very helpful. [More]

OTA OK?
diggs said: Just got it today, T-Mobile. Thanks for the articale about it. [More]

Calendar

<< February 2012 >>
Sun Mon Tue Wed Thu Fri Sat
   1234
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29    

Archives By Subject

blogs (31) [RSS]
books (4) [RSS]
Consulting (2) [RSS]
Crazy (39) [RSS]
DIY (8) [RSS]
Flex (3) [RSS]
games (10) [RSS]
GRRR (13) [RSS]
Ideas (11) [RSS]
Local (15) [RSS]
LOLpics (2) [RSS]
money (9) [RSS]
music (3) [RSS]
Personal (28) [RSS]
Photos (8) [RSS]
Politics (8) [RSS]
Projects (22) [RSS]
Review (20) [RSS]
RPM (9) [RSS]
Spam (16) [RSS]
Technology (69) [RSS]
Testing (3) [RSS]
TV (15) [RSS]
video (32) [RSS]
Web Dev (230) [RSS]
World of Warcraft (16) [RSS]