For those interested I have compiled all I know about this attack into a blog post:
http://www.coldfusionmuse.com/index.cfm/2009/4/16/iframe.insertion.hack Again, we have not specifically identified the attack but we have lots of information and a stop gap measure :) -Mark Mark A. Kruger, CFG, MCSE (402) 408-3733 ext 105 www.cfwebtools.com www.coldfusionmuse.com www.necfug.com -----Original Message----- From: Mark Kruger [mailto:mkru...@cfwebtools.com] Sent: Tuesday, April 14, 2009 5:37 PM To: cf-talk Subject: RE: Question about hack Thanks... I'll add that to my list. I have a pretty hefty blog post coming out on this tomorrow (or hopefully tomorrow :). -mark ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:321695 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4