ColdFusion 10, ColdFusion 9.0.2, ColdFusion 9.0.1, and ColdFusion 9.0 are affected with the vulnerabilities mentioned in the security bulletin APSB13-10. This article provides fixes for the security issues mentioned in the bulletin, along with the installation instructions.
See important security hot fix-related notes published in previous security hot fixes here.
In ColdFusion 10, use the hot fix installer to apply this update (ColdFusion 10 Update 9). The ColdFusion 10 Update 9 is a cumulative update. That is, it includes all the bug fixes from the previous updates of ColdFusion 10.
If you have not applied the ColdFusion 10 Mandatory Update, then apply it first to apply this update.
In the following deployment options, {ColdFusion-Home} indicates the following:
Use the following instructions if you have previously applied Security hot fix APSB13-03.
Use these instructions if you have not applied Security hot fix APSB13-03.
Follow the instructions in the security bulletin APSB11-15 to apply the fix.
If you have installed the hot fix for ColdFusion 9, and upgraded to ColdFusion 9.0.1, then apply the security hot fix for the update.
For previous ColdFusion security hot fixes, see the Security bulletins and advisories page.
Revision:
June 26 2013: Added note section under Solution heading.
Sign in to your account