« Return to Thread: New CF8 vulnerability

Re: New CF8 vulnerability

by James Holmes-3 :: Rate this Message:

And that's why our prod servers are read only (and Linux).

mxAjax / CFAjax docs and other useful articles:
http://www.bifrost.com.au/blog/

2009/7/3 Dave Watts <dwatts@...>:

>
> You may want to check for this on any clients/projects you've worked with:
> http://isc.sans.org/diary.html?storyid=6715
>
> Remediation steps available here:
> http://www.codfusion.com/blog/post.cfm/cf8-and-fckeditor-security-threat
>
> Dave Watts, CTO, Fig Leaf Software
> http://www.figleaf.com/
>
> Fig Leaf Software provides the highest caliber vendor-authorized
> instruction at our training centers in Washington DC, Atlanta,
> Chicago, Baltimore, Northern Virginia, or on-site at your location.
> Visit http://training.figleaf.com/ for more information!
>
>

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists
Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324174
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=17837.14401.4

« Return to Thread: New CF8 vulnerability