PROBLEM:
Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service
PLATFORM:
ColdFusion 10 Update 1 and above for Windows
ABSTRACT:
Adobe ColdFusion Denial of Service Vulnerability
REFERENCE LINKS:
Adobe Vulnerability identifier: APSB12-25
SecurityTracker Alert ID: 1027787
Secunia Advisory SA51335
CVE-2012-5674
IMPACT ASSESSMENT:
High
DISCUSSION:
A vulnerability was reported in Adobe ColdFusion. A remote user can cause denial of service conditions.
A remote user can send specially crafted data to cause unspecified denial of service conditions on the target ColdFusion service on Windows Internet Information Services (IIS).
IMPACT:
A remote user can cause denial of service conditions.
SOLUTION:
Adobe has released a security hotfix for ColdFusion 10 Update 1 and above for Windows. This hotfix resolves a vulnerability affecting ColdFusion on Windows Internet Information Services (IIS), which could result in a Denial of Service condition.