Adobe warns of hash collision in ColdFusion

The denial-of-service issue affects ColdFusion 9.0.1 and earlier versions for Windows, Mac OS X and UNIX.

Adobe has shipped a priority 2 update to fix a flaw that puts ColdFusion users at risk of denial-of-service attacks.

The vulnerability, rated important, affects ColdFusion 9.0.1 and earlier versions for Windows, Mac OS X and UNIX.

"This vulnerability could lead to a denial of service attack using a hash algorithm collision," the company warned in an advisory.

Adobe recommends that enterprise users of the ColdFusion application server apply the fix within the next 30 days.

ALSO SEE: