ColdFusion Security News Brief: January 14, 2007
by Ryan Hartwich
Last week, Adobe announced a ColdFusion security fix for Windows IIS machines, as well as two technotes for working with MS SQL Server Express 2005 on Vista and email attachment issues.
ColdFusion Security fix for Windows IIS
Adobe has released a ColdFusion 7 security fix, categorized as 'important', for an exploit that may allow specially crafted URLS to breach server security and allow directory listings. Luckily, this problem is limited to the IIS web server.
http://www.adobe.com/support/security/bulletins/apsb07-02.html
Two Important Technotes from Adobe
Making MS SQL Server Express 2005 Talk to ColdFusion on Vista
The first Technote gives helpful hints on how to configure Microsoft's SQL Server Express 2005 to work with ColdFusion. This shouldn't be an issue for most people since it focuses on problems with this relatively new, low-end version of SQL Server, and running on Vista (but not Windows 2003 or XP).
http://www.adobe.com/go/kb400255
Sending Long Email Attachments in Bulk
The second technote covers a hot fix for problems some people may be experiencing when sending a large number of emails (around 500) that contain attachments with long filenames.
http://www.adobe.com/go/kb400262
Keeping current with CF Hotfixes
Do you want a simple way to keep track of future ColdFusion security fixes? Steven Erat has released an extension on his blog for the ColdFusion 7 Administrator that checks Adobe's website for ColdFusion hot fixes. This should be useful to those who administer their own servers and want an easy way to find out about hot fixes. Unfortunately, it does not display technotes, just hot fixes.
Never Miss Another ColdFusion Hotfix (TalkingTree.com, January 11, 2007)
Migrating to 2.0.1 With ColdFusion Extensions
If you are a ColdFusion programmer who has expanded into using the Flex 2 framework and Flexbuilder 2, you may be using the ColdFusion Extensions. There is a slight tweak necessary to successfully upgrade your Flexbuilder 2 IDE to version 2.0.1 (released in the last week) to work with these extensions. The Flex development team has carefully explained the problem with compiling your code and what is necessary to work around the error. You can read more about their solution in the following blog:
http://weblogs.macromedia.com/flexteam/archives/2007/01/migrating_to_20.cfm
http://www.toperlen.deGroßhandel Perlenschmuck,Süßwasserperlen,Akoyaperlen: Perlenketten,Perlen Armbänder,Perlenringe,Perlen Ohrstecker,Perlen Ohrringe und Perlenschmuck Set,Brautschmuck.
Perles d’eau douce,Perles de culture,Perles d’Akoya,Bijoux en perles - Collier de perles,Bracelets de Perles,Boucles d’oreilles Perle,Pendentifs de perles,Bagues de perles. - http://www.toperles.fr
http://www.toperlen.comChinesische Süßwasser perlen,Perlenschmuck,Brautschmuck,
Perlenkette,Perlenarmband,Perlenohrringe,zuchtperlen.
http://www.zuchtperlenschmuck.comGroßhandel Süßwasserperlen,Akoya Perlen,Zuchtperlen - chinesische Perlen,perlenschmuck,Perlenketten,Perlen Armbänder,Perlen,Perlen Sets & Lose Perlen.
http://www.topearl.com, online wholesale jewelry store, supplies Pearl jewelry, coral,turquoise jewelry, shell,gemstone jewelry, pearl bridal jewelry and wish pearls gifts in China.
http://www.hydiapearl.com - Fine jewelry & pearl jewelry wholesaler, wholesales freshwater pearl beads,akoya pearls, handmade pearl necklace,bracelet,earring and pendant and so on.
wholesale fashion jewelry from china
Latest ColdFusion Talk (CF-Talk)
- Return JSON from a CFC
- How to cfdump a single row in a query?
- Migration from CF5 to CF8 plus Dev issues
- How do you guys deploy databases to shared servers?
- Migration from CF5 to CF8 plus Dev issues
- Best performace/practice for storing temp data
- Personalizing a CFLoop - validation error- fixed
- Personalizing a CFLoop - validation error
- Personalizing a CFLoop - cfmail validation error
- Personalizing a CFLoop
Latest ColdFusion Jobs (CF-Jobs)
- Los Angeles developer looking for telecommute or freelance projects
- Austin area ColdFusion expert seeking full-time or telecommute work
- Mid-Senior ColdFusion Developer Needed in Columbia, MD area
- Ohio developer looking for local work
- Adobe Expert Seeking ColdFusion / Flex Dev or QA
- ColdFusion Developer Needed in Los Angeles/South Bay Area
- Serious About Your Solutions? Elite ColdFusion Developer Available in VA/DC/MD metro area
- Senior ColdFusion Developer- Edgw are, London £40,000 to 60,000 + Bens
- Senior ColdFusion Developer- Edgw ar e, London £40,000 to 60,000 + Bens
- Senior ColdFusion Developer- Edgwar e, London £40,000 to 60,000 + Bens
http://www.towholesalejewelry.com