Adobe has released security hotfixes for ColdFusion versions 10, 11 and the 2016 release. These hotfixes resolve an input validation issue (CVE-2016-1113), a host name verification problem with wild card certificates (CVE-2016-1115) and include an updated version of Apache Commons Collections library to mitigate java deserialization (CVE-2016-1114).

Contact us right away or call us to get this security hotfix for ColdFusion installed and update your System!

Release date: May 10, 2016

Vulnerability identifier: APSB16-16

CVE numbers: CVE-2016-1113, CVE-2016-1114, CVE-2016-1115

ColdFusion 2016 release:

ColdFusion (2016 release) Update 1 (release date May 10, 2016) includes the following changes:

• Tomcat upgrade to 8.0.32.
• Addresses a vulnerability mentioned in the security bulletin
• Several important bug fixes for security, core language features, server, and other areas.

ColdFusion 11:

ColdFusion 10:

Download Safari now from Softonic: 100% safe and virus free. Safari Download Safari for Windows. Version: 5.1.7; Size: 36.7 MB; Filename: SafariSetup.exe. But from the day it was released, Safari set the bar higher for web browsers. … the very top of the browser, opening an even wider window for viewing websites.

ColdFusion 10 Update 19 (release date May 10, 2016) includes the following changes:

• Tomcat upgrade to 7.0.68.
• Addresses a vulnerability mentioned in the security bulletin
• Important bug fixes for security and server.
• This update is cumulative and includes fixes from previous ColdFusion 10 updates.

Adobe recommends that customers apply the appropriate hotfix immediately, therefore you should contact your Administrator, or you can have Our Team at Ecom Solutions help you implement it.

Contact us right away to get this security hotfix for ColdFusion installed and update your System!

This entry is filed under ColdFusion, Security and Performance. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.