CVE-2017-3066

Publication date

2017-04-27 14:00:00

Family

adobe

State

PUBLISHED

Description

Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library. Successful exploitation could lead to arbitrary code execution.