ColdFusion 0day·ì϶°²È«¹«¸æ

°ä²¼¹¦·ò 2019-03-04

·ì϶±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-7816£¬Î£ÏÕ¼¶±ð£ºÑϳÁ£¬ CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨


Ó°ÏìÁìÓò


ÊÜÓ°ÏìÈí¼þÒÔ¼°°æ±¾£º 

ColdFusion 2018

ColdFusion 2016

ColdFusion 11


·ì϶¸ÅÊö


ColdFusionÊÇÒ»¸ö¶¯Ì¬Web·þÎñÆ÷£¬ÆäCFML£¨ColdFusion Markup Language£©ÊÇÒ»ÖÖ·¨Ê½Éè¼Æ˵»°£¬ÀàËƴ˿̵ÄJavaServer PageÀïµÄJSTL£¨JSP Standard Tag Lib£©£¬´Ó1995ÄêÆðÍ·¿ª·¢£¬ÆäÉè¼Æ˼Ï뱻һЩÈËÒÔΪ¼«¶ÈÏȽø£¬±»Ò»Ð©Ëµ»°Ëù½è¼ø¡£


Adobe°ä²¼´¹Î£¸üУ¬½¨¸´ÁËColdFusion WebÀûÓ÷¨Ê½¿ª·¢Æ½Ì¨µÄ¹Ø¼ü·ì϶¡£¸ÃÃýÎó¿Éµ¼ÖÂËÁÒâ´úÂëÖ´ÐУ¬²¢ÒÑÔÚÒ°±í±»ÀûÓá£


°²È«ÎÊÌâÔÊÐí¹¥»÷ÕßÈƹýÉÏ´«ÎļþµÄÏ޶ȡ£ÒªÀûÓÃËü£¬¹¥»÷Õß±ØÐë¿ÉÄܽ«¿ÉÖ´ÐдúÂëÉÏÔص½Web·þÎñÆ÷ÉϵÄÎļþĿ¼¡£

AdobeÔÚÆ䰲ȫ²¼¸æÖгÆ£¬¸Ã´úÂëÄܹ»Í¨¹ýHTTPÒªÇóÖ´ÐС£


½¨¸´½¨Òé


Ä¿Ç°AdobeÒÑ°ä²¼²¹¶¡£¬ÇëÓû§¾¡¿ì½øÐа汾¸üУºhttps://helpx.adobe.com/security/products/coldfusion/apsb19-14.html¡£


²Î¿¼Á´½Ó


https://helpx.adobe.com/security/products/coldfusion/apsb19-14.html