Most critical ColdFusion vulnerability affects about a tenth of all Coldfusion servers at the present. It chains together multiple exploits, and it provides a 30 second window into the Administrator panel to write out a shell. No other versions can be patched using the LFD->Bypass->RCE exploit. The official Adobe patch can be downloaded from the official patch here. It is only available to fix the vulnerability on ColdFusions 8.0. The vulnerability can only be fixed on the 8.5 version of this version of the software.
Source: https://thehackernews.com/2012/01/coldfusion-zero-day-vulnerability.html