CF MX7 PCI Scanning Result

Question

Hi,I am using Macromedia coldfusion MX7 in my server and I am new to coldfusion. I am using coldfusion for my website admin side purpose and when i run my site for PCI scanning(security checks), the rating was 4.3 red.The major issues are,1. Apply the hotfixes referenced in Adobe advisory (APSB12-15)2.Apply the hotfixes reference in Adobe&#39; advisory.3. Restrict access to the vulnerable application. contact the vendor for a patch or upgrade.And they mentioned the code like, CVE 2012-2041,CVE-2011-0580,CVE-2009-1875,CVE-2009-1872 I tried the below URL as they given,http://www.dsecrg.com/pages/vul/show.php?id=122http://www.adobe.com/support/security/bulletins/apsb09-12.htmlBy this url reference, they have given solution for CF 7.0.2,CF8 and CF8.0.1 version but I am using CF MX7.For this,1.In which version will i try to solve this issues or is there any sites are available for version CF MX7?2.Is any other solution available for the above errors?3.To fix the above issues, Is I need to follow all the instruction separately for every errors?I am really stuck on this, please guide me to come over this issue and many thanks in advance.Regards,Samsul hudha .M.Y

BKBK · Answer

In my opinion you need to do 2 things to continue to use MX7 securely.

1) Apply Upgrade 2 of ColdFusion MX7, raising the version to MX7.0.2. That was the last best version.

2) Apply the latest hotfixes for MX7.0.2.

However, with the coming of ColdFusion 10, Adobe appears to have removed all MX7 downloads from their web sites. Contact Adobe customer support and ask them to provide you with the downloads. As an alternative, you might want to migrate your application to a more recent version of ColdFusion.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded