First published: Tue Sep 25 2018(Updated: )
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe ColdFusion | =11.0 | |
Adobe ColdFusion | =11.0-update1 | |
Adobe ColdFusion | =11.0-update10 | |
Adobe ColdFusion | =11.0-update11 | |
Adobe ColdFusion | =11.0-update12 | |
Adobe ColdFusion | =11.0-update13 | |
Adobe ColdFusion | =11.0-update14 | |
Adobe ColdFusion | =11.0-update2 | |
Adobe ColdFusion | =11.0-update3 | |
Adobe ColdFusion | =11.0-update4 | |
Adobe ColdFusion | =11.0-update5 | |
Adobe ColdFusion | =11.0-update6 | |
Adobe ColdFusion | =11.0-update7 | |
Adobe ColdFusion | =11.0-update8 | |
Adobe ColdFusion | =11.0-update9 | |
Adobe ColdFusion | =2016 | |
Adobe ColdFusion | =2016-update1 | |
Adobe ColdFusion | =2016-update2 | |
Adobe ColdFusion | =2016-update3 | |
Adobe ColdFusion | =2016-update4 | |
Adobe ColdFusion | =2016-update5 | |
Adobe ColdFusion | =2016-update6 | |
Adobe ColdFusion | =2018 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2018-15959 is critical, with a severity value of 9.8.
The affected software for CVE-2018-15959 is Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier.
CVE-2018-15959 is a deserialization of untrusted data vulnerability in Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier.
Successful exploitation of CVE-2018-15959 could lead to arbitrary code execution.
Yes, there are references available for CVE-2018-15959. You can find them at the following links: [link1](http://www.securityfocus.com/bid/105313), [link2](http://www.securitytracker.com/id/1041621), [link3](https://helpx.adobe.com/security/products/coldfusion/apsb18-33.html).