CVE-2009-1876
Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain sensitive information via unspecified vectors, related to a "double-encoded null character vulnerability."
Date published : 2009-08-18
http://www.adobe.com/support/security/bulletins/apsb09-12.html