CF Security Update

Posted At : November 14, 2007 12:03 PM
Related Categories: Web Dev

I got an email with a security update bulletin from Adobe yesterday. 

It seems there is some sort of vulnerability via cfid and cftoken regarding session hijacking.  It affects both cf7 and cf8 unless you are using J2EE session management.

Patch can be found here.

If you use shared hosting and your host knows CF well then you are probably all set.  If they don't or your not sure you should let them know about the update.  Also if you don't get secuirty bulletins via email from adobe you should sign up for that today.

On a side note, I find the font color for the link in the security bulletin very hard to differentiate from the text of the page.  Took me a bit to find where to actually download the update.

Comments Comments (0) | Print Print | del.ico.us del.icio.us | Digg It! Digg It! | 1797 Views
TweetBacks
Comments

There are no comments for this entry.

[Add Comment] [Subscribe to Comments]

NAVIGATION

Home
About Me

RSS


Search

Subscribe

Enter your email address to subscribe to this blog.

Recent Entries

Flash Camp Boston
New Blog Design
Pre-Conference Training at cf.Objective()
FireFox 3.6 KTML Editor Fix
I am now a part of the Adobe Community Professionals Group

Recent Comments

FireFox 3.6 KTML Editor Fix
Fred said: Found another bug in Firefox 3.6 When inserting a table you can't select the number of columns. So I... [More]

Repeating Events Question
ueghbxedu said: UaejcB <a href="http://ysyhrmkbkhco.com/&...;, [url=http://pwncz... [More]

Repeating Events Question
fadxkfyuadn said: n6qVCL <a href="http://bdiorhdtbwzb.com/&...;, [url=http://uvnao... [More]

FireFox 3.6 KTML Editor Fix
Joshua said: While changing that far will load the editor, does it show the drop down class menu correctly now? [More]

FireFox 3.6 KTML Editor Fix
Al Johnson said: HI, I am still fighting to keep my code going as there is nothing better than KTML nad I have writt... [More]

Calendar

<< March 2010 >>
Sun Mon Tue Wed Thu Fri Sat
 123456
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31    

Archives By Subject

blogs (31) [RSS]
books (4) [RSS]
Crazy (39) [RSS]
DIY (8) [RSS]
Flex (3) [RSS]
games (10) [RSS]
GRRR (13) [RSS]
Ideas (11) [RSS]
Local (14) [RSS]
LOLpics (2) [RSS]
money (9) [RSS]
music (3) [RSS]
Personal (27) [RSS]
Photos (8) [RSS]
Politics (8) [RSS]
Projects (22) [RSS]
Review (18) [RSS]
RPM (9) [RSS]
Spam (16) [RSS]
Technology (66) [RSS]
Testing (3) [RSS]
TV (15) [RSS]
video (32) [RSS]
Web Dev (218) [RSS]
World of Warcraft (16) [RSS]