Allaire Security Bulletin (ASB00-11) - A procedure is available to eliminate a security vulnerability affecting several web server products. The vulnerability could potentially allow a malicious web site visitor to perform actions that the system permissions authorize him to perform, but which he previously may have had no means of actually carrying out. This is not a problem with ColdFusion Server itself, but it is an issue that can affect ColdFusion users. Allaire recommends that customers follow the instructions posted on the Microsoft Web site to address this issue.
ead49691ad21715e0cc247f3d78fe35d2479b62c76bd26d3dc1a257cf8f8a048