Allaire Security Bulletin ASB00-15: Workaround for JRun 2.3.x Code Sample Vulnerabilities

Jun 19, 2000

JRun 2.3.x includes a number of example applications and sample code that expose security issues. JRun 3.0 addresses the viewsource.jsp issue. Allaire strongly recommends that customers follow the best practice of not installing sample code and documentation on production servers, and of removing the sample code and documentation files from production servers and restricting access to those directories where they are installed on workstations. A service pack is available.

Latest ColdFusion Talk (CF-Talk)

Output newest one item from each category
cftextarea setValue() and jquery dialog
query add row at top of query
ColdFusion 9 ajax controls
Need a west coast (US) based ColdFusion host
SOT: SQL Server Data Archival - my solution
sensitive data collection practices with ColdFusion
SQL Server Data Archival - my solution
Bind to a CFINPUT from a CFGRID
Need a west coast (US) based ColdFusion host [spamtrap heur]

Latest ColdFusion Jobs (CF-Jobs)

Code Junky Wanted in Downtown Chicago!
Coldfusion Developer in Los Angeles
Full time ColdFusion position in Arlington, VA (Rosslyn)
Coldfusion Opportunities: Washington DC and Alexandria, VA
ColdFusion Developers who can obtain a DoD Secret in the DC Metro Area
ColdFusion Programmer Opportunity in Nashville, TN
ColdFusion 8 Development Position in Arlington, VA
Web Application / ColdFusion Developer (Permanent/Houston)
Small Work for Site Migration from CF8 Win 03 to CF9 Win 08
Southern California Development Company Seeks Reliable Mid Level Developers

Want a number like 800-ColdFusion?

My Toll Free 800 Number provides a vanity phone number service to clients who want more than just digits. How would you like 800-coldfusion?