The Oracle security Alert CVE-2010-4476 affects ColdFusion versions 9.0.1, 9.0, 8.0.1, and 8.0.

Adobe recommends updating the Java (JDK/JRE) for all ColdFusion server versions as per Oracle’s Java update instructions. Information about the security vulnerability along with the fix is provided at the following link.

Oracle just released a Security Alert with a fix for the vulnerability CVE-2010-4476, which affects Oracle Java SE and Oracle Java For Business. This vulnerability is present in Java running on servers as well as standalone Java desktop applications. Its successful exploitation by a malicious attacker can result in a complete denial of service for the affected servers.

Read the full articles on Adobe’s and Oracle’s sites.

One thought on “ColdFusion 8 & 9 Included on Oracle Security Alert CVE-2010-4476

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.