Several vulnerabilities in this article have a CVSS score of 9.8. This is as clost to a 10 as you can get. They allow an attacker to gain privelages they shouldn’t have.
One of the programming languages around is called Cold Fusion. MENVI’s web site’s forms were once coded that way because it was once on a Windows Server, not a linux server.
A company assisted me with this because I didn’t know how to do this.
Besides this, Adobe had other issues they had to fix too.
All of the CVE information is in the article which Dan Goodin wrote for Ars Technica. Its titled Exploited 0-days, an incomplete fix, and a botched disclosure: Infosec snafu reigns and if you use the coding platform or anything else in the article, better get your patch on.
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.