-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Reference: CERT-EU Security Advisory 2012-0131

Title: Hotfix available for ColdFusion 10 for Windows [1]

Version history:
20.11.2012 Initial publication

Summary
=======
Adobe has released a security hotfix for ColdFusion 10 Update 1 and above for Windows. This hotfix resolves a vulnerability affecting ColdFusion on Windows Internet Information Services (IIS), which could result in a Denial of Service condition. 

Adobe recommends users update their product installation using the instructions provided in the "Solution" section below.

CVE number: CVE-2012-5674

Vulnerable systems
==================
ColdFusion 10 Update 1 and above for Windows

Original Details
================
Adobe has released a security hotfix for ColdFusion 10 Update 1 and above for Windows. This hotfix resolves a vulnerability affecting ColdFusion on Windows Internet Information Services (IIS), which could result in a Denial of Service condition. Adobe recommends users update their product installation using the instructions provided in the "Solution" section above.

This update resolves a vulnerability which could result in a Denial of Service condition (CVE-2012-5674).

What can you do?
================
Adobe recommends customers update their installation of ColdFusion 10 Update 1 and above for Windows to ColdFusion 10 Update 5 using the instructions provided in the technote: http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb12-25.html. 

What to tell your users?
========================
N/A

More information
================
[1] http://www.adobe.com/support/security/bulletins/apsb12-25.html
[2] http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb12-25.html
[3] http://cve.mitre.org/


Best regards,

CERT-EU Pre-configuration Team (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383
FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383
Privacy Statement:
http://cert.europa.eu/cert/plainedition/en/cert_privacy.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBAgAGBQJQq1o1AAoJEPpzpNLI8SVoWQsP+gImtJb+WgjB9t5ExQRA0iBz
WL74La9QgRcSx7rQQYLTq3xJIk59UnQAniGk4RkgMHDZsZwZceDNxiSR9Vidk4kg
A+5S0B5NuB/jjz0JzKhkElm6mZEgrb1MNWFOI8nNd6pdE3/HSMGbMYTVMnAuUu21
CwHyq+pI3efrcyH0XhBNcEcBwkWGn0d4Oy8VfqR9HOODEQjtjg8jtWlfJH/0mK/y
AtKHh/QE+59iGSpii5M/ZUF/U5MQATy6MSTuWJ4jVz08RQpEDMtXe4wj5l23vt2J
54zM/GJyhIefeBozlbpNnyiGkQAwiQVfNQzSwLj1ntLs9TBFtoTJafKJNLRdkEXc
iQKGAwaN3x664voObKNyKXFbE1wbpC7/rZxuaApILXn3Zc9WGNEdV3NIqjOusTiN
6tnTWtGr/lM8FLnpPbbFFlPCELwJ6xivIkKBRnUC8dTP2A4UXcsEo+4xKqihJO/U
l/mNrxy4DwjEqLXnk8WtlYdBHuTtTSn94qwtXqVCD4gxFCZfClXs0OSyvXZ77OJG
yX0pggOhdmfeV5EkSeboeMzaljf3UdYfWqPbGF7wsYuNbouWoqwX+x+K8PA7dHkz
/Om1ZHHKy7SoZITlZVMkagwcEIdpaNy+8lnulMFn7PmY3iT3zOVHW+y1yTP9LMxJ
ujLcyoNvi9pKCG4cGCXd
=Ivpf
-----END PGP SIGNATURE-----