NICK ADSL UK
August 8th, 2006, 06:16 PM
APSB06-10 - ColdFusion AdminAPI Authentication Security Vulnerability
Summary: The AdminAPI of ColdFusion MX 7 provides programmatic access to all ColdFusion Administrator functionality. All calls to the adminAPI require an authentication test before calling any other adminAPI functionality. The authentication test could be bypassed.
Severity Rating: Adobe categorizes this issue as important and recommends that users apply this workaround to their installations.
Learn more
http://www.adobe.com/support/security/bulletins/apsb06-10.html
Summary: The AdminAPI of ColdFusion MX 7 provides programmatic access to all ColdFusion Administrator functionality. All calls to the adminAPI require an authentication test before calling any other adminAPI functionality. The authentication test could be bypassed.
Severity Rating: Adobe categorizes this issue as important and recommends that users apply this workaround to their installations.
Learn more
http://www.adobe.com/support/security/bulletins/apsb06-10.html