Copy link to clipboard
Copied
Hi,
Several 7.0.2 links are broken for downloads on http://www.adobe.com/support/security/bulletins/apsb09-12.html
Try the "CVE-2009-1872 and CVE-2009-1877 Hotfix for ColdFusion 7.0.2" link. 😞
Any suggestions?
Adobe, can you fix?
Thanks for any help!
-Chris
Copy link to clipboard
Copied
Can anyone locate these files?
Copy link to clipboard
Copied
Hi Chris,
I am looking into this, I have forwarded this to the concern team.
Regards,
Priyank
Copy link to clipboard
Copied
Any update ont this?
Copy link to clipboard
Copied
Hi,
Due to the lack of action / care by Adobe, I've had to find a way to mitigate this Cold Fusion security
issue (ie lack of the Cold Fusion Hotfix name: CVE-2009-1875).
Add the following to the Apache web server config:
<VirtualHost *:80>
<Directory /var/www/html>
AllowOverride AuthConfig Indexes Limit Options FileInfo
RewriteEngine on
RewriteCond %{REQUEST_URI} %\d\d
RewriteRule ^(.*)(%\d+)(.*)$ $1$3
</Directory>
</VirtualHost>
With this config in place, the following URL:
http://localhost/index%2500.cfm
Will redirect to:
Enjoy!
Copy link to clipboard
Copied
Thanks, Caleb. Unfortunately, our server is Windows-based. Do you happen to have a solution for that? 🙂
Copy link to clipboard
Copied
I don't I'm sorry
I'm Linux only...