all InfoSec news
Multiple Vulnerabilities in Adobe ColdFusion Could Allow for Arbitrary Code Execution
Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org
Multiple vulnerabilities have been discovered in Adobe ColdFusion, the most severe of which could allow for arbitrary code execution. Adobe ColdFusion is a commercial web-application development platform designed to build and deploy web applications. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts …
adobe adobe coldfusion application application development applications arbitrary code build code code execution coldfusion commercial deploy development exploitation platform vulnerabilities web web applications