Adobe Issues Security Update for ColdFusion 10 and Earlier Versions

Adobe has released a security update for its web application development software ColdFusion to address a vulnerability that could be leveraged by a remote attacker to cause a denial-of-service condition.

The flaw, rated important, affects ColdFusion 10, 9.0.2, 9.0.1, 9.0, 8.0.1, and 8.0 for Windows, UNIX and Mac OS X platforms.

The security hole – CVE-2012-2048 – has been identified by David Boyer who collaborated with Adobe on addressing it.

The fact that it has been appointed as a Priority 2 issue means that currently there are no known exploits for the vulnerability and the company doesn’t anticipate any exploits to be launched.

However, ColdFusion customers are advised to apply the update to ensure that they’re protected against potential attacks.

Adobe ColdFusion is available for download here.