Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2016.2956 Security update available for ColdFusion Builder 14 December 2016 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Adobe ColdFusion Builder Publisher: Adobe Operating System: Windows Linux variants OS X Impact/Access: Access Confidential Data -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2016-7887 Original Bulletin: https://helpx.adobe.com/security/products/coldfusion/apsb16-44.html - --------------------------BEGIN INCLUDED TEXT-------------------- Adobe Security Bulletin Security update available for ColdFusion Builder Release date: December 13, 2016 Vulnerability identifier: APSB16-44 Priority: 2 CVE number: CVE-2016-7887 Platforms: Windows, Linux and Macintosh Summary Adobe has released a security update for ColdFusion Builder for Windows, Linux, and Macintosh. This update resolves an important vulnerability that could lead to information disclosure (CVE-2016-7887). Affected Versions Product Affected Versions Platform ColdFusion Builder 2016 Update 2 and earlier versions Windows, Linux and Macintosh 3.0.3 and earlier versions For more information on ColdFusion Builder, please refer to this resource. Solution Adobe categorizes this update with the following priority rating and recommends users update their installations to the newest versions: Product Updated Version Platform Priority rating Availability ColdFusion Builder 2016 Update 3 Windows, Linux and Macintosh 2 Tech note ColdFusion Builder 3.0 3.0.3 Hotfix Windows, Linux and Macintosh 2 Tech note Vulnerability Details This update resolves an important vulnerability that could lead to information disclosure (CVE-2016-7887). Acknowledgements Adobe would like to thank Alexander Hass of Hass IT-Consulting for reporting this issue (CVE-2016-7887) and for working with Adobe to help protect our customers. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWFDIY4x+lLeg9Ub1AQgedg/+JZwoBL/Ve2sXlKvyMWmQigq/5KA856nG jKORJVaDK02WxsRSnX04oXGEZ0AElAovIThAe/ZwU9oultzVFvNLvyQit70rdULP CNZUbCdvAAtdu0fllnjfy+zNxU2NvjfFqX12RB+/C+0I4zoku1eokap9N/H0TIj8 4vA+7qozUuHAdEGz6rlv55owR62vO7rotFQd80E7M40mYQ/025HHqlwWfaZl8tCc R1GbRES1EaGRHSjr59ctVWeykYs6iR+dvxYOqXfUYMrzjrH1CLvzOA212/tVwnmf BhDATmJeHaXwzsgHP2ATgETaswOi2GaD6pYHkid/Z0vVzktExuh8+KrJILVGTYk4 nTtEXfkcsuJ5+Fp0wqPmy5D4hwmxFVhXFV85rhz5Qe6+W+RE0pHuATl0iCUh+c1I fdPjcXMAiIbBmMhKKpgBUZS5/T6TqUrlkDoju0++RssGBA6c1V4AxNTwD6kl5FmH A+Rf3le3VYRzXXIrRnONfEY1c5RhF8mWQmtaTCJiaja1+P5j+ceOmipSBts/45uI 163+jjVGVz8svJWnL8VItJALA8zrTwmuZMC3/+iJCsQ3tFpQtYNtIy7LLXd3eKd2 OKyF9Y+JQKPj5TV1zygAs6qMJs64u5/3x4TJSoQSAW/BzplB4xPHWSumrYHl3lr0 r3LsthAHaWk= =ZtM6 -----END PGP SIGNATURE-----