Adobe released a security bulletin regarding the Coldfusion web engine. Upgrade / patch your Coldfusion server if you like to stay in control of your webserver. The patch has been classified as important.
An important vulnerability has been identified in ColdFusion 8.0, 8.0.1, 9.0, 9.0.1 for Windows, Macintosh and UNIX. This directory traversal vulnerability could lead to information disclosure (CVE-2010-2861). Adobe has provided a solution to the reported vulnerability. It is recommended that users update their product installation using the instructions provided above.
The patch/update get be downloaded here.