Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11.
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Coldfusion | Adobe | 11.0 (including) | 11.0 (including) |
Coldfusion | Adobe | 11.0-update1 (including) | 11.0-update1 (including) |
Coldfusion | Adobe | 11.0-update10 (including) | 11.0-update10 (including) |
Coldfusion | Adobe | 11.0-update11 (including) | 11.0-update11 (including) |
Coldfusion | Adobe | 11.0-update12 (including) | 11.0-update12 (including) |
Coldfusion | Adobe | 11.0-update2 (including) | 11.0-update2 (including) |
Coldfusion | Adobe | 11.0-update3 (including) | 11.0-update3 (including) |
Coldfusion | Adobe | 11.0-update4 (including) | 11.0-update4 (including) |
Coldfusion | Adobe | 11.0-update5 (including) | 11.0-update5 (including) |
Coldfusion | Adobe | 11.0-update6 (including) | 11.0-update6 (including) |
Coldfusion | Adobe | 11.0-update7 (including) | 11.0-update7 (including) |
Coldfusion | Adobe | 11.0-update8 (including) | 11.0-update8 (including) |
Coldfusion | Adobe | 11.0-update9 (including) | 11.0-update9 (including) |
Coldfusion | Adobe | 2016 (including) | 2016 (including) |
Coldfusion | Adobe | 2016-update1 (including) | 2016-update1 (including) |
Coldfusion | Adobe | 2016-update2 (including) | 2016-update2 (including) |
Coldfusion | Adobe | 2016-update3 (including) | 2016-update3 (including) |
Coldfusion | Adobe | 2016-update4 (including) | 2016-update4 (including) |