Adobe updates ColdFusion, JRun, Flex


Adobe updates ColdFusion, JRun, Flex Staff

Adobe Systems Inc. has released critical patches repairing eight flaws in versions 8.0.1 and earlier of ColdFusion, JRun 4.0 and Flex 3.3 SDK.

ColdFusion and JRun are web development applications that include application servers used to develop and test applications. Adobe said in the update issued Tuesday that attackers could exploit the

Continue Reading This Article

Enjoy this article as well as all of our content, including E-Guides, news, tips and more.

By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Safe Harbor

ColdFusion and JRun vulnerabilities to steal sensitive data or take complete control of a victim's machine.

The most serious flaws are cross-site scripting (XSS) vulnerabilities, which allow attackers to execute malicious code on an underlying system by passing a malicious URL. The update repairs two XSS flaws in ColdFusion and two such flaws in JRun. The update to Flex also resolved an XSS vulnerability within the express-install templates for the Flex SDK. The fix was issued Wednesday.

Adobe said it is not currently aware of any exploits in the wild for the security vulnerabilities fixed in the applications.