Security Zone Alert: Microsoft Internet Information Server Procedure Available to Eliminate 'Link View Server-Side Component' Vulnerability

Apr 24, 2000

Allaire Security Bulletin (ASB00-09):

This Allaire Security Alert points to Microsoft's released procedure to eliminate a security vulnerability that could allow a malicious user to cause a web server to crash, or potentially run arbitrary code on the server, if certain permissions have been changed from their default settings to inappropriate ones. While this is not a problem with ColdFusion Server itself, it is an issue that can affect ColdFusion users, through an unchecked buffer in Dvwssr.dll, a server-side component used to support the Link View feature in Visual Interdev 1.0. Allaire recommends that customers follow the instructions posted on the Microsoft Web site to address this issue.

Allaire Security Bulletin (ASB00-09)

Copy This Article's Url To Clipboard

Security Zone Alert: Microsoft Internet Information Server Procedure Available to Eliminate 'Link View Server-Side Component' Vulnerability

Latest ColdFusion Talk (CF-Talk)

Latest ColdFusion Jobs (CF-Jobs)

Want a number like 800-ColdFusion?