We just released security hotfix APSB12-15 for ColdFusion 9.0.1, 9.0, 8.0.1, and 8.0 for Windows, Macintosh and UNIX. This update resolves an HTTP response splitting vulnerability in the ColdFusion Component Browser.
ColdFusion Security Hotfix Posted
3 Comments
M
MikeZ83
Thanks, Hemant confirmed it a few minutes ago on Twitter as well.
B
9.0.1 and earlier, so no, not applicable to 9.0.2. But, just to be sure, I am checking with the CF engineering team and will update if hear otherwise.
M
MikeZ83
Thanks for mentioning it.
Is this fix already included in 9.0.2 or did you just forget to add it to the list?