Allaire Security Bulletin (ASB00-07): 'Microsoft Internet Information Server Exposure of Source Code with Malformed Hit Highlighting Arguments'

Apr 03, 2000

Allaire's Security Zone has posted a recommendation that developers and customers follow the instructions posted on the Microsoft Web site to address a vulnerability for Microsoft IIS. The problem exposes the ability to use a malformed URL to read the source code of ASP, CFML, Perl and other files that are on a server. This is not a problem with ColdFusion Server itself, but it is an issue that can affect ColdFusion users.

Allaire Security Bulletin (ASB00-07)

Latest ColdFusion Talk (CF-Talk)

cfxImage (gafware) IE8 JPEG colour rendering problem
scraping meta tags
Same page loading in MACHII on new events
Change JRun's 404 message?
Data parse error
Creating a new transparent image
Phantom Scheduled Tasks
aes--any way to encrypt a hex encoded string in ColdFusion?
Rotating ColdFusion Logs - best way?
AW: SPAM-LOW: RE: ColdFusion-based picture-gallery

Latest ColdFusion Jobs (CF-Jobs)

ColdFusion Developer - Columbus, OH - 6+ Month Contract
COLDFUSION CONTRACT-ATLANTA
Vista, CA - Full Time ColdFusion Developer Needed
Web Developer in Buffalo Grove, IL
Job Posting - Coldfusion Developer, Fairfax, VA
Job Posting- ColdFusion Developer in Falls Church VA
Job Post - ColdFusion developer for ICMA
Coldfusion Opening in Arlington, VA
chinese ColdFusion programmer seek remote job
Coldfusion / Flex Developer

Want a number like 800-ColdFusion?

My Toll Free 800 Number provides a vanity phone number service to clients who want more than just digits. How would you like 800-coldfusion?