
coldfusion.fixes.txt

17 Aug 1999 00:00:00 | Reported by Packet Storm | Type: packetstorm | packetstormsecurity.com

New security issues affecting ColdFusion customers, with updated bulletins and best practices provided.

Code
`Date: Mon, 24 May 1999 15:00:52 -0700  
From: [email protected]  
To: [email protected]  
Subject: New Allaire Security Zone Bulletins and KB Articles  
  
Dear ColdFusion Customer-  
  
Several new security issues that may affect ColdFusion customers have come to our attention recently. Please visit the Security  
Zone at the Allaire Web site to learn about these new issues and what actions you can take to address them:  
  
http://www.allaire.com/security  
  
  
Recently we posted the following new and updated Allaire Security Bulletins and Knowledge Base Articles:  
  
UPDATED  
ASB99-02: ColdFusion Example Applications and Sample Code Exposes Servers  
  
ADDED  
ASB99-06: Netscape Servers for Win NT Exposure of Source Code with "%20"  
ASB99-07: Possible Denial-of-Service Attack Using CF Admin. Start/Stop Utility  
ASB99-08: Pages Encrypted with CFCRYPT.EXE Can Be Illegally Decrypted  
  
Article 10954: Security Best Practice: Securing the ColdFusion Administrator  
Article 10953: Security Best Practice: Securing File-based DBs (i.e. Access)  
Article 10955: Security Best Practice: URL Session Variables and HTTP_REFERRER  
  
As a Web application platform vendor, one of our highest concerns is the security of the systems our customers deploy. We  
understand how important security is to our customers, and we're committed to providing the technology and information customers  
need to build secure Web applications. Thank you for your time and consideration on this issue.  
  
-- Damon Cooper  
Security Response Team Coordinator, Allaire Corporation  
  
P.S. As a reminder, Allaire has set up an email address that customers can use to report security issues associated with an  
Allaire product: [email protected].  
  
-------------------------------------------------------------------------------------  
  
Date: Tue, 25 May 1999 11:08:24 -0700  
From: James Stephens <[email protected]>  
To: [email protected]  
Subject: Re: New Allaire Security Zone Bulletins and KB Articles  
  
At 03:00 PM 5/24/99 -0700, [email protected] wrote:  
>Dear ColdFusion Customer-  
>  
>Several new security issues that may affect ColdFusion customers have come  
>to our attention recently. Please visit the Security Zone at the Allaire  
>Web site to learn about these new issues and what actions you can take to  
>address them:  
>  
>http://www.allaire.com/security  
<snip>  
>ASB99-08: Pages Encrypted with CFCRYPT.EXE Can Be Illegally Decrypted  
<snip>  
Has anyone seen the program that can allegedly decrypt encrypted cfml pages?  
  
  
Regards,  
  
  
James Stephens [email protected]  
Network Administrator 714-254-0200  
Internet Performance Fax: 714-254-0600   
`
