Security Advisory

CVE-2017-3066

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-04-27 14:00:00

Last updated 2025-10-21 23:55:41

Assigner adobe

State PUBLISHED

Description

Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library. Successful exploitation could lead to arbitrary code execution.

← Browse all CVEs View on cve.org ↗