-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Reference: CERT-EU Security Advisory 2012-0131 Title: Hotfix available for ColdFusion 10 for Windows [1] Version history: 20.11.2012 Initial publication Summary ======= Adobe has released a security hotfix for ColdFusion 10 Update 1 and above for Windows. This hotfix resolves a vulnerability affecting ColdFusion on Windows Internet Information Services (IIS), which could result in a Denial of Service condition. Adobe recommends users update their product installation using the instructions provided in the "Solution" section below. CVE number: CVE-2012-5674 Vulnerable systems ================== ColdFusion 10 Update 1 and above for Windows Original Details ================ Adobe has released a security hotfix for ColdFusion 10 Update 1 and above for Windows. This hotfix resolves a vulnerability affecting ColdFusion on Windows Internet Information Services (IIS), which could result in a Denial of Service condition. Adobe recommends users update their product installation using the instructions provided in the "Solution" section above. This update resolves a vulnerability which could result in a Denial of Service condition (CVE-2012-5674). What can you do? ================ Adobe recommends customers update their installation of ColdFusion 10 Update 1 and above for Windows to ColdFusion 10 Update 5 using the instructions provided in the technote: http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb12-25.html. What to tell your users? ======================== N/A More information ================ [1] http://www.adobe.com/support/security/bulletins/apsb12-25.html [2] http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb12-25.html [3] http://cve.mitre.org/ Best regards, CERT-EU Pre-configuration Team (http://cert.europa.eu) Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383 Privacy Statement: http://cert.europa.eu/cert/plainedition/en/cert_privacy.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBAgAGBQJQq1o1AAoJEPpzpNLI8SVoWQsP+gImtJb+WgjB9t5ExQRA0iBz WL74La9QgRcSx7rQQYLTq3xJIk59UnQAniGk4RkgMHDZsZwZceDNxiSR9Vidk4kg A+5S0B5NuB/jjz0JzKhkElm6mZEgrb1MNWFOI8nNd6pdE3/HSMGbMYTVMnAuUu21 CwHyq+pI3efrcyH0XhBNcEcBwkWGn0d4Oy8VfqR9HOODEQjtjg8jtWlfJH/0mK/y AtKHh/QE+59iGSpii5M/ZUF/U5MQATy6MSTuWJ4jVz08RQpEDMtXe4wj5l23vt2J 54zM/GJyhIefeBozlbpNnyiGkQAwiQVfNQzSwLj1ntLs9TBFtoTJafKJNLRdkEXc iQKGAwaN3x664voObKNyKXFbE1wbpC7/rZxuaApILXn3Zc9WGNEdV3NIqjOusTiN 6tnTWtGr/lM8FLnpPbbFFlPCELwJ6xivIkKBRnUC8dTP2A4UXcsEo+4xKqihJO/U l/mNrxy4DwjEqLXnk8WtlYdBHuTtTSn94qwtXqVCD4gxFCZfClXs0OSyvXZ77OJG yX0pggOhdmfeV5EkSeboeMzaljf3UdYfWqPbGF7wsYuNbouWoqwX+x+K8PA7dHkz /Om1ZHHKy7SoZITlZVMkagwcEIdpaNy+8lnulMFn7PmY3iT3zOVHW+y1yTP9LMxJ ujLcyoNvi9pKCG4cGCXd =Ivpf -----END PGP SIGNATURE-----