>Does anyone have any experience with reporting security vulnerabilities >to Macromedia? I reported a vulnerability in ColdFusion using the >Macromedia Security Report Form >(http://www.macromedia.com/devnet/security/security_zone/alertus.html) >three days ago, and haven't heard anything back yet. From what I can >tell, the example code I provided a URL for hasn't been downloaded >either. > > > >Does anyone know if it is usual to receive a response in this situation? >Obviously I'm not expecting a hotfix the very next day, but just an >acknowledgement that my report has been received and is being >investigated would be reassuring.
You can email me directly. I'm a member of the security team. We're working on several issues right now - most turn out to be config issues, not product problems but we look at each and every one. Can you send me what you've sent in? Stephen Dupre ([EMAIL PROTECTED]) Macromedia, Inc ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:217638 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54