A Security Advisory (APSA13-03) has been posted in regards to a critical issue in ColdFusion 10, 9.0.2, 9.0.1 and 9.0 and earlier versions for Windows, Macintosh and UNIX. Adobe is aware of reports that exploit code for the vulnerability is publicly available. Information regarding this vulnerability, including mitigation recommendations, is provided in the Security Advisory. We are in the process of finalizing a fix for the issue and expect a hotfix will be available on May 14, 2013.
This posting is provided “AS IS” with no warranties and confers no rights.