Adobe ColdFusion 10 before Update 12 allows remote attackers to read arbitrary files via unspecified vectors.Referenceshttp://www.adobe.com/support/security/bulletins/apsb13-27.html
