Posts Tagged ‘elevated risk’
Thursday, March 15, 2012 @ 02:03 PM gHale
A Priority 2 security update for Adobe’s ColdFusion fixes a vulnerability that puts users at risk for denial-of-service (DoS) attacks.
The flaw, rated “important,” affects ColdFusion 9.0.1 and earlier version for Windows, Mac, and UNIX.
“This vulnerability could lead to a denial of service attack using a hash algorithm collision,” Adobe said in its security bulletin.
The Priority 2 rating, part of the new advisory system introduced by Adobe last month, means the “update resolves vulnerabilities in a product that has historically been at elevated risk. There are currently no known exploits.”
The “important” rating indicates the vulnerability, if exploited, “would compromise data security, potentially allowing access to confidential data, or could compromise processing resources in a user’s computer.”
Adobe provided a hotfix for the vulnerability and recommended ColdFusion users apply the patch with the next 30 days.