Top

Adobe releases out-of-band update to patch ColdFusion zero-day

March 1, 2019

Via: ZDnet

Adobe has released today an emergency out-of-band update for its ColdFusion development platform that patches a zero-day vulnerability that was being exploited in the wild.

19-year-old makes millions from ethical hacking
In its security bulletin that was just sent out, Adobe described the vulnerability as a “file upload restriction bypass” and gave it a rating of “critical.”

“This attack requires the ability to upload executable code to a web-accessible directory, and then execute that code via an HTTP request. Restricting requests to directories where uploaded files are stored will mitigate this attack,” Adobe said.

Read More on ZDnet