Adobe ColdFusion Lets Local Users Bypass Sandbox Restrictions
ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX
A vulnerability was reported in Adobe ColdFusion.
Adobe has released a security hotfix for ColdFusion 10 and earlier versions for Windows, Macintosh and UNIX. This hotfix resolves a vulnerability which could result in a sandbox permissions violation in a shared hosting environment. Adobe recommends users update their product installation using the instructions provided in the "Solution" section below.
A remote authenticated user or a local user can obtain elevated privileges on the target system.
Adobe recommends ColdFusion customers update their installation using the instructions provided in the technote