-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Reference: CERT-EU Security Advisory 2013-0044

Title:  Hotfix available for ColdFusion [1]

Version history:
21.05.2013 Initial publication

Summary
=======
Adobe has released a security hotfix for ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX.  This hotfix addresses a vulnerability (CVE-2013-1389) that could allow remote arbitrary code execution on a system running ColdFusion, and a vulnerability (CVE-2013-3336) that could permit an unauthorized user to remotely retrieve files stored on the server. 

Adobe is aware of reports that CVE-2013-3336 (referenced in Security Advisory APSA13-03 [3]) is being exploited in the wild against ColdFusion customers. Adobe recommends users update their product installation using the instructions provided in the "Solution" section below.

Vulnerable systems
==================
ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX.

What can you do?
================
Adobe recommends ColdFusion customers update their installation using the instructions provided in the technote [1].


More information
================
[1] http://www.adobe.com/support/security/bulletins/apsb13-13.html
[2] http://web.nvd.nist.gov/
[3] http://www.adobe.com/support/security/advisories/apsa13-03.html

Best regards,
CERT-EU (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu<mailto:cert-eu@ec.europa.eu>
PGP KeyID 0x46AC4383
FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBAgAGBQJRmyc1AAoJEPpzpNLI8SVoZSEP/RUsnEUVCu31yEzHglf0zFSR
867DQCS4aLm8nMHONZ4SUBZ52DiptoWSnUpf3Ck2twN7uekKJndyJLaLT/B8snev
jRH18hCcRKIedY5oCtmZ5LryxB2NHSfcEjH2LjB+JbQ3fGqgTgPxt40TQvehQQCT
Ny4APPEG106Yud17m8DfiYZvg9pRiNUG2QsFQ1NSdINrVyl/rOqO2g1XIuWI23kR
8Zl/eWrI4l+C36nl4g6dEla99ovj8ANhhpwbZThJVFqejbLog8/mZsz4Ag9sroXO
mdHpBr8HiX0rbJdgd2FPtJnFOqXSOBhlSP/3L2Sm7ucdKyCfL8wxbMhnYr2PrNl9
40wmAUGIN60s3mv0du3s+clPXli3Fhgn5ZBy0nRgC+8WGGlbXdR8hOuxBQxBSLF5
S5MKk8V6ONE9pDmm5sKFY2d7QhlQzVE38Rf3yuVo7HdD+G/m/rFYHkTBuYh/zdk/
R+/jTXbqI1LqDo3wlqtNGILVi1oEHcuBTxzrG3may18U1+qCNJAZUMf6c5z/+78L
YT8hNni5BhFd54oUrO4ElUKb11XIcJ5ePb1KBqbVbdRsBMAGS3ajCKYBcV729G3F
j9zjszotfP8AlRBLNPDt6ILKIDZHReDuTGJkhJty+MwPtVC4cPE9LHq8BegQ5S9e
4m7rxtPBYrlGTnM08+fV
=Bn0j
-----END PGP SIGNATURE-----