>On Tue, Sep 11, 2012 at 7:48 PM, <> wrote: >> >> >>i already read tha adobe bulletin, it doesn't really say much. >> >> I doubt you will ever see details and description about any possible attack. >> It would be too easy for those looking for ideas... > >Publication of details of an attack are pretty common. Good guys will >typically find an attack, alert the people who are in a position to >fix the product(s), wait for them to confirm it and start on a fix and >then publish the details of the attack after the vulnerability patch >has been released.
Well I think I'm being a good guy so far ;) Contacted Adobe about this, they've got the fix out and I've been working hard contacting those who I think are most at risk from the issue itself. I doubt I'll put the details of the attack out there anytime soon, I'd still feel a bit guilty if it was taken advantage of, even if it's the fault of someone not updating their installations. I'm still trying to discuss some things with Adobe in relation to this, so you may get some more information at some point. Dave --- David Boyer Blog ---------------- http://misterdai.yougeezer.co.uk Twitter ------------- http://twitter.com/misterdai CFML Engine Monitor - http://www.cftracker.net ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352612 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
