eccentricDBA
Inspiring
May 13, 2010
Question

Does ColdFusion : Security Bulletin APSB10-11 apply to MX 7.0.2


I contacted Adobe phone support and was directed to post my question to the forum because Adobe doesn't provide phone support for server products.

So, does ColdFusion : Security Bulletin APSB10-11 apply to MX 7.0.2?

In the Security Bulletin it reads like it does:

Summary

Important vulnerabilities have been identified in ColdFusion 8.0, 8.0.1, 9.0 and earlier versions for Windows, Macintosh and UNIX. The vulnerabilities could lead to cross-site scripting and information disclosure.

source: http://www.adobe.com/support/security/bulletins/apsb10-11.html

However, there are no solutions in the technote:

Issue


Note: This technote and the attachments have been updated on 05/13/2010. All ColdFusion users should review the technote again. An issue when this security fix was applied with Cumulative Hot Fix 4 for ColdFusion 8.0.1 has been identified and resolved. The issue was caused by a naming conflict.

ColdFusion 9.0, 8.0.1 and 8.0 are affected with the issue mentioned in the security bulletin APSB10-11. This technote provides fixes for the security issues along with the installation instructions.

source: http://kb2.adobe.com/cps/841/cpsid_84102.html

Additionally, does anyone know if ColdFusion MX 7.0.2 is a supported product?

Thank you, any help will be beneficial.


    3 replies

    May 17, 2010

    So anyone know if this issue affects version 7.02 or earlier? If so, I'm sure there are quite a few developers/admins who would like to hear what can be done, if anything, to battle this issue.

    I can't imagine Adobe would leave all earlier versions out to the wolves?

    Participant
    May 17, 2010

    My understanding from Adobe sales and ASAP Software (now Dell) reps is that security-related issues will be fixed by Adobe until the product enters the End of Life, which is 02-07-2012.  Of course salespeople are not the ones actually responsible for supporting the products, and I have never successfully contacted Adobe Tech support since the 3rd party call center Adobe outsourced to could not figure out how to write a quote for a support incident so I could pay for it via a PO!

    I am also waiting for an updated CFForms jar, since the digital certificate expires in 2 days and I have been contacting Adobe for over 6 months without a reply on that issue.  I hope they clarify MX 7.0.2 support quickly and issue the fixes ASAP, or at least update the bulletins.

    eccentricDBA
    Inspiring
    May 17, 2010

    Thank you all, this information has been useful.

    @Adam the document you reference is extremely helpful.  I would have thought the Security Patches are still addressed during "Extended Support".  However, this may be why it's getting extremely more difficult to determine which Security Bulletins affect 7.0.2.

    @Ian. Yes, my concern is that MX 7.0.2 is affected by APSB10-11 with no patch available.  I know the last few patches I had to dive into the 9 and 8 bulletins to determine that they affect 7.0.2.  According to Adobe - Security bulletins ( http://www.adobe.com/support/security/#coldfusion ) the last patch for 7.0.2 is APSB08-21 Update available for potential ColdFusion 8 privilege escalation issue; however, I know that APSB09-12 Security Update: Hotfixes available for ColdFusion and JRun also applied to 7.0.2 but was only listed in the ColdFusion 8 section.

    Inspiring
    May 13, 2010

    I contacted Adobe phone support and was directed to post my question to the forum because Adobe doesn't provide phone support for server products.

    I have had phone support from them, and they were quite helpful.  Do you mean they don't do free phone support?  No, they don't.

    I cannot believe they suggested you raise an issue on the forum.  That's just sh!t.  There's no other way of describing that.

    Additionally, does anyone know if ColdFusion MX 7.0.2 is a supported product?

    http://www.adobe.com/support/products/enterprise/eol/eol_matrix.html#63

    Only for "Extended support", whatever that is.

    [searches]

    Hmmm... http://www.adobe.com/support/programs/policies/terms_customer.html:


    Extended Support. If version of software held by Customer at time of renewal has been end-of-lifed during the next renewal term, Customer may renew to Extended Support, provided that Extended Support is available for such software version.  Information about Software that has been or soon will be end-of-lifed and Extended Support availability dates by product version are published at www.adobe.com/support. If Customer elects to purchase Extended Support, the Annual Support Fee shall be twenty-five (25%) percent of the license fee paid for the Software (if such fee cannot be established, the percentage would be based on the then-current list price of the license fee for the Software), however in no event shall the amount be less than the last renewal prior to renewing under Extended Support.

    If extended support is renewed, the renewal fee would be the Annual Support Fee paid for the prior year increased by the applicable Consumer Price Index (CPI)*, for the 12-month period preceding the renewal date. Should Customer upgrade to the next major version of the Software (e.g., upgrade from 4.0 to 5.0), the Annual Support Fee for the upgraded version shall be the lesser of twenty percent (20%) of the then current list price of the license fee for such upgraded version, or the Annual Support Fee for the last renewal prior to renewing under Extended Support increased by the applicable Consumer Price Index (CPI)*, for the 12-month period preceding the renewal date.

    So there you go.  It's something you'd have to be paying for anyhow, and my reading of that is that it's too late to get it now anyhow.

    I think this will also mean that you're definitely out of luck in regards to any sort of patching going on for CFMX7.

    --

    Adam

    May 17, 2010

    I dug around a little as well and couldn't find any mention of whether 7.02 is affected, or any earlier versions for that matter. Has anyone heard differently?

    ilssac
    Inspiring
    May 17, 2010

    One of the notices that I read had language such as this:

    Affected software versions

    ColdFusion 8.0, 8.0.1, 9.0 and earlier versions for Windows, Macintosh and UNIX

    How you interpret "and earlier versions" is probably the crux of your question.  But that was the language used by Adobe.