ColdFusion MX 7.0.1: Sandbox Security for ColdFusion ComponentsProducts affected
Issue
Sandbox security limits CFML code from being accessed by code outside the sandbox. It was found that CFML templates could invoke ColdFusion components (CFCs) outside its sandbox. There is a hot fix available to fix this issue in ColdFusion MX 7.0.1.
Note: This issue is not fixed in ColdFusion MX 7.0.0. You must upgrade to ColdFusion MX 7.0.1 and then apply the hot fix. Alternatively, you can upgrade to ColdFusion MX 7.0.2, which already includes the fix.
Solution
Adobe has created an individual hot fix for this issue.
Installation instructions
Both ColdFusion MX 7 cumulative and individual hot fixes are installed in the ColdFusion MX Administrator. The installation process is the same for all platforms and installation choices.
ColdFusion MX 7.0.1 Only
- Download and extract the hot fix (9K).
- Open the ColdFusion MX Administrator and select the System Information page. Next to the Update File field, either:
- Type in the file path and click Submit.
OR
- Select the Browse Button and browse to the downloaded file. Select the file and click Apply.
- Type in the file path and click Submit.
- Restart ColdFusion MX.
Additional Information
ColdFusion MX: Webservices not protected by Sandbox Security (TechNote 6edebba6)
Doc ID
(94491491)
Last updated
2006-09-12
Products affected
