Security updates fix Macromedia flaws

Attackers could exploit the vulnerabilities to bypass security controls, gain administrative privileges and cause a denial of service. Fixes are available.

Adobe Systems Inc. recommends that users of Macromedia ColdFusion and JRun Server apply updates that plug security holes attackers could exploit to bypass security controls, gain administrative privileges and cause a denial of service.

The San Jose, Calif.-based vendor has released three separate advisories in recent days. The first and second advisories address flaws in ColdFusion, an application server used to develop and deploy Web applications.

Adobe said on its Web site that ColdFusion helps users "extend or integrate with Java or .NET applications, connect to enterprise data and applications, create or consume Web services, or interface with SMS on mobile devices or instant messaging clients."

Furthermore, the vendor said it adds "powerful application services for business reporting, rich-forms generation, printable document generation, full-text search, and graphing and charting."

The security updates address:

  • A JRun clustered Sandbox security vulnerability. ColdFusion Sandbox security relies on the Java SecurityManager, Adobe noted, adding, "When ColdFusion is running on a JRun 4 cluster member and the SecurityManager is disabled, Sandbox security silently fails without throwing an exception." Because the failure is silent, the application keeps running with no sandbox restrictions in place, and the vendor said "a remote attacker using an application set up to use Sandbox security could potentially bypass security controls."
  • A CFMAIL injection vulnerability. An application written to use the CFMAIL tag could be used to attach arbitrary files and send mail with any content, Adobe said, adding, "This is due to weak input validation in the 'Subject' field."
  • A CFOBJECT Sandbox security vulnerability. Setting CFOBJECT /CreateObject(Java) to be disabled in Sandbox security has no effect, "allowing a local attacker to still create an object," Adobe said.
  • An administrator hash exposure vulnerability. The password hash used to authenticate the ColdFusion Administrator is exposed via an API call, allowing a local developer to obtain the hash and authenticate as administrator, Adobe said.
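The CFMAIL item above describes a mail header injection: a user-supplied Subject value that contains a line break ends the Subject header early, and whatever follows is read as further headers (or, after a blank line, as body) by the mail pipeline. The advisory does not describe ColdFusion's internal handling, so the following is an added, generic illustration in Python, not ColdFusion code and not Adobe's fix. The message assembly, the injected Subject value and the e-mail addresses are all constructed for the example; the hardened builder shows the check a practitioner would put in front of any header-bearing input.

```python
import re
from email import message_from_string
from email.message import EmailMessage

# Constructed sample input (hypothetical, not from the advisory): a Subject
# value that carries a CRLF followed by extra header lines an attacker wants
# the mail pipeline to honour.
INJECTED_SUBJECT = (
    "Order confirmation\r\n"
    "Bcc: attacker@example.invalid\r\n"
    "X-Injected: yes"
)
CLEAN_SUBJECT = "Order confirmation"


def build_raw_message(sender, recipient, subject, body):
    """Naive assembly: the subject is written straight into the header block,
    as a template with no input validation would do. Returns raw RFC 5322 text."""
    return (
        f"From: {sender}\r\n"
        f"To: {recipient}\r\n"
        f"Subject: {subject}\r\n"
        "\r\n"
        f"{body}\r\n"
    )


def header_names(raw):
    """Parse raw message text and return the header names the receiving side
    would see, in order. Used to show which headers an injection adds."""
    return list(message_from_string(raw).keys())


def is_safe_header_value(value):
    """True only if the value cannot terminate its header line: CR, LF and NUL
    are the characters that turn one field into several."""
    return re.search(r"[\r\n\x00]", value) is None


def build_message_hardened(sender, recipient, subject, body):
    """Validate the subject before it reaches the header block, then let
    EmailMessage encode the headers rather than formatting them by hand."""
    if not is_safe_header_value(subject):
        raise ValueError("subject contains line-break characters")
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = recipient
    msg["Subject"] = subject
    msg.set_content(body)
    return msg.as_string()


if __name__ == "__main__":
    raw = build_raw_message("shop@example.invalid", "user@example.invalid",
                            INJECTED_SUBJECT, "Thank you for your order.")
    print("naive build sees headers:", header_names(raw))
    try:
        build_message_hardened("shop@example.invalid", "user@example.invalid",
                               INJECTED_SUBJECT, "Thank you for your order.")
    except ValueError as exc:
        print("hardened build rejected:", exc)
```

The naive builder yields Bcc and X-Injected headers alongside the three it meant to write; the hardened builder refuses the value outright. Rejecting rather than stripping is deliberate: a line break in a subject is never legitimate input, and silently "cleaning" it hides probing attempts from the application's logs.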

The third advisory addresses two flaws in the JRun server:

  • View Source vulnerabilities. A remote attacker could enter a malformed URL causing JRun to return Web application source code, Adobe said.
  • A JWS denial-of-service vulnerability. The JRun Web Server improperly handles long URLs and headers, allowing a remote attacker to cause a denial of service, Adobe said.

Danish vulnerability clearinghouse Secunia has labeled the flaws "moderately critical" because they could be exploited to expose sensitive information or cause a denial of service.
