Adobe ColdFusion Double-Encoded NULL Character Information Disclosure Vulnerability

Adobe ColdFusion Double-Encoded NULL Character Information Disclosure Vulnerability

Solution:
The vendor has released updates. Please see the references for details.

Adobe ColdFusion MX 6.1

Adobe CVE-2009-1876 Hotfix for ColdFusion
http://download.macromedia.com/pub/coldfusion/updates/wsconfig.jar

Adobe ColdFusion MX 7.02

Adobe CVE-2009-1876 Hotfix for ColdFusion
http://download.macromedia.com/pub/coldfusion/updates/wsconfig.jar

Adobe ColdFusion 8

Adobe CVE-2009-1876 Hotfix for ColdFusion
http://download.macromedia.com/pub/coldfusion/updates/wsconfig.jar

Adobe ColdFusion MX Enterprise 6.1

Adobe CVE-2009-1876 Hotfix for ColdFusion
http://download.macromedia.com/pub/coldfusion/updates/wsconfig.jar

Adobe ColdFusion 8.0

Adobe CVE-2009-1876 Hotfix for ColdFusion
http://download.macromedia.com/pub/coldfusion/updates/wsconfig.jar

Adobe ColdFusion MX 7.00

Adobe CVE-2009-1876 Hotfix for ColdFusion
http://download.macromedia.com/pub/coldfusion/updates/wsconfig.jar

Adobe ColdFusion MX 7.01

Adobe CVE-2009-1876 Hotfix for ColdFusion
http://download.macromedia.com/pub/coldfusion/updates/wsconfig.jar

Adobe ColdFusion MX Enterprise 7.0

Adobe CVE-2009-1876 Hotfix for ColdFusion
http://download.macromedia.com/pub/coldfusion/updates/wsconfig.jar

Adobe ColdFusion 7.0.2

Adobe CVE-2009-1876 Hotfix for ColdFusion
http://download.macromedia.com/pub/coldfusion/updates/wsconfig.jar

Adobe ColdFusion 8.0.1

Adobe CVE-2009-1876 Hotfix for ColdFusion
http://download.macromedia.com/pub/coldfusion/updates/wsconfig.jar