FYI...

Adobe ColdFusion - multiple vulns ...
- https://www.adobe.com/support/securi...apsa13-01.html
January 4, 2013
CVE number: CVE-2013-0625, CVE-2013-0629, CVE-2013-0631
Platform: All
Summary: Adobe has identified three vulnerabilities affecting ColdFusion for Windows, Macintosh and UNIX:
CVE-2013-0625 affects ColdFusion 10, 9.0.2, 9.0.1 and 9.0, and could permit an unauthorized user to remotely circumvent authentication controls, potentially allowing the attacker to take control of the affected server.
CVE-2013-0629 affects ColdFusion 10, 9.0.2, 9.0.1 and 9.0, and could permit an unauthorized user access to restricted directories.
CVE-2013-0631 affects ColdFusion 9.0.2, 9.0.1 and 9.0, and could result in information disclosure from a compromised server.
There are reports that these vulnerabilities are being exploited in the wild against ColdFusion customers. Note that CVE-2013-0625 and CVE-2013-0629 only affect ColdFusion customers who do not have password protection enabled or have no password set. We are in the process of finalizing a fix for the issues and expect a hotfix for ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX will be available on January 15, 2013..."
___

Adobe Reader/Acrobat prenotification for Jan 2013
- https://www.adobe.com/support/securi...apsb13-02.html
Jan 3, 2013 - "Adobe is planning to release security updates on Tuesday, January 8, 2013 for Adobe Reader and Acrobat XI (11.0.0) and earlier versions for Windows and Macintosh, and Adobe Reader 9.5.1 and earlier 9.x versions for Linux..."