The default configuration of Adobe ColdFusion 9.0 does not restrict access to collections that have been created by the Solr Service, which allows remote attackers to obtain collection metadata, search information, and index data via a request to an unspecified URL.
https://exchange.xforce.ibmcloud.com/vulnerabilities/55997
http://www.vupen.com/english/advisories/2010/0259
http://www.securitytracker.com/id?1023519
http://www.securityfocus.com/bid/38007
http://www.adobe.com/support/security/bulletins/apsb10-04.html