On Fri, Jul 3, 2009 at 7:32 PM, Eric Roberts < ow...@threeravensconsulting.com> wrote:
> > I know the vulnerability was in older versions of FCKEditor...if one were > to > install and use the current version, does it still have the vulnerability > or > has that been fixed? I just got an emergency gig to fix a site that was > hacked because of this and we need to know if it is safe to do this or just > keep FCKEditor disabled inthe meantime. > I would keep FCKeditor file upload manager disabled for now: http://www.petefreitag.com/item/705.cfm -- Pete Freitag http://foundeo.com/security/ - ColdFusion Consulting & Products http://petefreitag.com/ - My Blog ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324263 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4