Adobe ColdFusion 2016 Update 3 and previous versions, ColdFusion 11 update 11 and previous versions, ColdFusion 10 Update 22 and previous versions have a Java deserialization vulnerability in the Apache BlazeDS library. Successful exploitation could lead to arbitrary code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe coldfusion 10.0 |
||
adobe coldfusion 11.0 |
||
adobe coldfusion 2016 |