Patching the CF API extensions
Patching the CF API extensions
Macromedia recently released a patch for all versions of CF prior to version 5 to address a vulnerability in the CGI and API stubs used by the web server to communicate with the CF service.
While details on the vulnerability haven’t been released by Macromedia, a vulnerability within the stubs could potentially allow retrieval of files from arbitrary locations on the filesystem.
The vulnerability probably exists within the libraries used by the stubs, which would explain why CF 5 isn’t vulnerable.
Home
Speakers
Maps & Hotels
Photos
CF Conf Central
Please send comments/questions to
[email protected]