-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Reference: CERT-EU Security Advisory 2013-0038

Title:  Hotfix available for ColdFusion [1]

Version history:
19.04.2013 Initial publication

Summary
=======
Adobe has released a security hotfix for ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX.  Adobe recommends users update their product installation using the instructions provided in the "What you can do?" section below.

CVE names: [2]

CVE-2013-1387 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2013-1388 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Vulnerable systems
==================
ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX

What can you do?
================
Adobe recommends ColdFusion customers update their installation using the instructions provided in the technote: [3].


What to tell your users?
========================
Normal security best practices apply. Especially, inform your Web users to be cautious about following links to sites that are provided by unfamiliar or  suspicious sources. Users are to be aware not to click on the link in suspicious emails; to immediately forward the suspicious email to the respective IT security officer / contact in your institution.

More information
================
[1] http://www.adobe.com/support/security/bulletins/apsb13-10.html
[2] http://web.nvd.nist.gov/
[3] http://helpx.adobe.com/coldfusion/kb/coldfusion-security-hotfix-apsb13-10.html

Best regards,
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBAgAGBQJRcVxQAAoJEPpzpNLI8SVoeWIP/jpBjOIPvWEspK0Zp4BUPr9P
iUe7RlEqXDvHUb6ogjING91Yz0ntgC8tiTu8lVAzHFaIHWsvpWRZQ2ezGtWat2he
gwYruAg0Gw4+SkKohiORUCUshiWs3Hz9tp3/54b/kDpGb1nsfc3ng94op/R87ZEE
2aoszbEBr2GMdYJqEU/n4CF7pOnJj25xRdLI/Hd1PaGU22wLECbYf6Gpwp5eI3bv
JOBsPdeuGBHgA6iorkdzPRUBEm6yl/5hl5iRWe9P+nDDB6rpMJMVOk+YBbWHlEok
zJZLFffdhf/YUOCFSuv1Xx54tsPtCRA8zkQItGofKkaE7N3DF/LtSVw2C/RtQBOy
+heB+FT6nffCynUJ0dSuXMEYJrDBqx3s8SjLb17WN6d+y9Zl+F49w4uOSFxVx2s5
7WIa3q5tITf7l179CpTJJBp0TEfAlblggQ5enQEl8u33BJ+q7MVlTXtdDokZPjNn
bUdW9ZFMNmGKKYOys5PYLtO9eOJXnO1qII4+YSoOUVkcr0gYZvphdyMICgssOzw1
GPtnvjDRTceXcdw9oQ+WGIqwdL7Y9nnb8ebwwFK5yPeCK+ncEPYc5zEeBqqD6/TG
WAOUd2lwizqH7aLbt/esG7p3+7IuUH2Sci1l3DC5igoGAyw92DWy88gSllyIz7WM
SIzZfcXhShOWMmYhI1cN
=nyYZ
-----END PGP SIGNATURE-----