New ColdFusion 8 vulnerability

I don't know, but it should be easy enough to check on your install. Dave Watts, CTO, Fig Leaf Software Dave (or anyone else with information), I know the vulnerability was in older versions of FCKEditor...if one were to install and use the current version, does it still have the vulnerability or has that been fixed?  I just got an emergency gig to fix a site that was hacked because of this and we need to know if it is safe to do this or just keep FCKEditor disabled inthe meantime. Eric On Thu, Jul 2, 2009 at 6:17 PM, Dave Watts <dwatts@figleaf.com> wrote: > > You may want to check for this on any clients/projects you've worked with: > http://isc.sans.org/diary.html?storyid=6715 > > Remediation steps available here: > http://www.codfusion.com/blog/post.cfm/cf8-and-fckeditor-security-threat > > Dave Watts, CTO, Fig Leaf Software > http://www.figleaf.com/ > > Fig Leaf Software provides the highest caliber vendor-authorized > instruction at our training centers in Washington DC, Atlanta, > Chicago, Baltimore, Northern Virginia, or on-site at your location. > Visit http://training.figleaf.com/ for more information! > >