How CFThread Can Help OR Hurt Performance

coldfusion I am working on a performance analysis for a client, some page requests need to do a cfhttp call, I had the thought to use cfthread for the http call, so that other processing could happen in parallel.

This entry was:

Hotfix for CF8 FCKeditor Vulnerability Released

coldfusion Adobe has just released a security hotfix for the FCKeditor vulnerability in Coldfusion 8.

Also of Note, Adobe's Terry Ryan posted a blog entry today detailing How to report a ColdFusion Security Issue to Adobe.

This entry was:

Hardening ColdFusion - cfObjective 2009 Presentation Slides

coldfusion I've been meaning to post the slides the presentation I gave at cf.

This entry was:

Risks of FCKeditor Vulnerability in CF8

coldfusion I've had a chance to look at the FCKeditor code a little bit in order to determine what the risks actually are of this vulnerability.

This entry was:

ColdFusion 8 FCKeditor Vulnerability

coldfusion There have been a few stories about a vulnerability in FCKeditor that is bundled with ColdFusion 8, first on SANS and now on The Register.

The FCKeditor ColdFusion connector isn't enabled on all CF installations, I think if you installed a fresh 8.0.

This entry was:


did you hack my cf?