Scottish ColdFusion User Group
file upload vulnerability in CF801

Gareth Cole <gareth.c...@esus.ie>

Hi Folks,

Just in case you haven't seen this yet, there's a security vulnerability in
the CF801 updater:

http://www.theregister.co.uk/2009/07/03/coldfusion_compromise/

Some genius at Adobe decided to enable file uploads by default in the
embedded FCKeditor. Unfortunately, this allows hackers to upload any files
they want on to your system, and take control of your server.

The link has full details and remedy.