I was looking at CF8 server vulnerabilities, such as this one: http://www.youtube.com/watch?v=CzXLLZ8ohZU, where a user can easily get into the CF admin, add a shell and then basically do what the heck they want on our server.
Can anybody tell me how to make sure that this particular vulnerability has been taken care of? Is it part of a particular service pack? When I say service pack I mean cumulative hot fix, like CHF 4: http://helpx.adobe.com/coldfusion/kb/cumulative-hot-fix-4-coldfusion.html
CHF is just another term for a service pack I guess, and CHF 4 appears to be the last cumulative fix up.
My only concern is that if we had been compromised, even a hotfix would not remove any shells. Although I could not find any, I am not a hacker, and those guys are very good at hiding things.
Ahh... after posting this I then saw the link to security:
http://helpx.adobe.com/coldfusion/kb/cumulative-hot-fix-4-coldfusion.html#main_Security
It looks like quite a bit of work; no wonder so many people jumped ship from CF.
Appreciate any guidance on this
Thanks
Mark