Running CFML on AWS Lambda with FuseLess Slides

coldfusion Here are the slides for my Running CFML on AWS Lambda with FuseLess talk. I gave this talk at Into The Box 2019 in Houston Texas last week.

Nolan Erck has posted his notes if you want to read through a summary. You also may enjoy reading his Recap of Into The Box 2019.


This entry was:

Updating Java on ColdFusion or Lucee

coldfusion As a ColdFusion user you are probably aware that your CFML is compiled into Java byte code and executed by the Java Virtual Machine (JVM). Just like your Operating System or ColdFusion server needs to be patched for security issues, so does your JVM.


This entry was:

Tomcat Java 10 on Windows CreateJavaVM Failed

java I ran into some issues getting the Lucee Tomcat 8.5 service to start on with Java 10.0.2 on a Windows 2016 Server. I was getting errors in the commons-daemon log file like: CreateJavaVM Failed CreateJavaVM Failed The system cannot find the file specified.


This entry was:

Disable Flash Remoting on ColdFusion Servers

coldfusion Due to the recent security vulnerability ABSP15-20 / APSB15-21 in BlazeDS there has been increased interest in disabling flash remoting when not needed -- if you followed the lockdown guide for CF9, CF10, or CF11 you should already have it disabled.


This entry was:

Scope Injection in CFML

coldfusion Here is an interesting vulnerability that I have come across several times in real CFML code during code reviews, I have spoken about it at conferences but have never written about it. Since it doesn't really have a name, I call it Scope Injection, you'll see why in a minute.


This entry was:

foundeo