Wednesday, November 25, 16:17
Home security Adobe: ColdFusion platform release update to release critical vulnerabilities

Adobe: ColdFusion platform release update to release critical vulnerabilities

AdobeRecently presented three vulnerabilities on Adobe's ColdFusion platform. The company immediately released one update to address vulnerabilities. One of them was even considered particularly critical.

Adobe has stated that vulnerabilities affect it ColdFusion 2016 and 2018.

The updated version released on Tuesday, September 24. The company has made the necessary corrections to prevent possible malware code, the bypass control access and leaks data.

The first vulnerability, the one that has been characterized as critical, has been named CVE-2019-8073. That particular error security can allow hackers to execute malicious code.

The update also resolves a second vulnerability, known as CVE-2019-8074, which is characterized as path traversal vulnerability. Attackers can take advantage of this vulnerability to bypass access control systems. If they manage to bypass the controls, hackers will be able to do various things, such as execute malicious code.

The third vulnerability is called CVE-2019-8072. Vulnerability also allows for bypassing her security and the theft of personal information.

The vulnerabilities were discovered by foundeo researchers and Knownsec 404. Adobe made sure to thank them researchers.

Adobe advises users of the ColdFusion platform to install the new update as quickly as possible. ColdFusion 2016 users will need to install it Update 12, while users of ColdFusion 2018 should use Update 5.

Adobe is not the only company to release updates this week. THE Microsoft also issued an emergency update to resolve critical security errors. The first vulnerability is known as CVE-2019-1367, located on the Internet Explore and allows remote code execution. The second vulnerability, CVE-2019-1255, is a denial-of-service error in the antivirus service, Microsoft Defender. The second vulnerability is less serious, because to be used, hackers must first access the system.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

How to turn off the "Meet Now" feature in Windows 10

Earlier this year, Microsoft added Skype "Meet Now" to Windows 10 previews and ...

NCSC: Fix CVE-2020-15505 RCE Critical Error on MobileIron Platform

The National Cyber ​​Security Center of the United Kingdom (NCSC) issued a warning yesterday, urging all organizations to correct the critical ...

For the first time since the Middle Ages, on December 1 Jupiter-Saturn coupling

Jupiter and Saturn are going to align in a way that has not been done since the Middle Ages, astronomers say. When the...

Ransomware attacks have boosted Coalition revenue

Ransomware attacks, which encrypt a computer files and demand ransom for their decryption, have seen a dramatic increase in ...

The new version of Stantinko malware appears as an Apache web server

Stantinko, one of the oldest malware botnets, has updated its Linux malware, upgrading its trojan to appear as ...

Peatix user data has been leaked

One of the most popular events organizing applications, Peatix, was attacked, with a hacker leaking this month the ...

The M1 Macs can run six external monitors with DisplayLink

YouTuber Ruslan Tulupov states that it is possible to run up to six external screens from the M1 Mac mini and five ...

New WAPDropper malware infects Android devices for WAP scams

Check Point security researchers have discovered a new Android malware, which is used in attacks against users in Southeast Asia (mainly). New...

Security researchers have discovered a bug in cPanel software

Some security researchers have discovered a major security flaw in cPanel, a popular software suite used by web hosting companies to ...

The flooring company Headlam Group came under cyber attack

As she confirmed, the British flooring company Headlam Group, fell victim to a cyber attack. THE...