Current hot fix level: chf7020002

Released: 03/28/2007

(Note: The download file was replaced with an updated version on 4/6/07)

The following fixes are contained in ColdFusion MX 7.0.2 Cumulative Hot Fix 2 (CHF2). Adobe recommends that CHF2 only be applied to ColdFusion MX 7.0.2 if you are experiencing one or more of the specific fixed issues listed below. This cumulative hot fix is specific to ColdFusion MX 7.0.2 and should not be applied to previous releases.

ID Number Description Added in Cumulative
Hot Fix
64883 CFChart X AxisType of scale data plotting issues that causes false data points. 2
65030 Intermittant cflock release problem, which could lead to timeout errors waiting to lock thread. 2
65340 Intermittant, "no lock by name {cflockName} found." 2
65115 WatcherService update that resolves failure of ColdFusion MX 7 to be able to create a large number (100+) of sandboxes in quick succession. This issue only occurs when using the AdminAPI to create sandboxes. 2
65135 Add ContextRoot to ScriptSrc cfform attribute as required for J2EE versions.. 2
65095 cfmail mailspool problem occurring when emails have attachments that have long filenames. 2
64352 NullPointerExceptions when CFC webservices return a complex type that contains undefined values. 2
65613 Fix to prevent caching of null query objects due to a timeout during call to cfquery with cachedwithin attribute set. 2
66390 Broken hyperlinks inside cfreports. 2
64044 Fix to allow ScriptSrc attribute of cfform tag to override ScriptSrc setting in ColdFusion administrator. 2
65378 Report Builder multi-column footer 2
62335 cfdocument text being cut off and additional text cut off issues when using various fonts and sizes. 1
63695 cfftp/listdir no longer fails on subdirectories under the root directory. 1
64046 Data source entries in the ColdFusion administrator are no longer case-sensitive when using sandbox security. 1
64411 JSP processing performance has been significantly increased. cfimport no longer checks for a valid license every time, which was causing the resource bundle to load off of the disk every time a JSP was called. 1
64200 When setting a request variable in Application.cfm equal to getBaseTemplatePath and that variable is returned from a CFC function, ColdFusion MX 7.0.2 will now correctly return the CFC file system path and not the Application.cfm file system path. 1
63910 Duplicating very large structures now works as expected. Previously, duplicating a very large structure would sometimes result in an inaccurate duplicate of the original structure. 1
64063 When using Dreamweaver to work with an Access data source through RDS, Dreamweaver will now properly display just the table name and not the entire file path to the table. 1
64796 ColdFusion will no longer return a NullPointerException error when trying to consume a web service using a JSP servlet located in the same server instance as ColdFusion. 1
64364 As of ColdFusion MX 7.0.2, cfreport would not recognize query columns added with QueryAddColumn. This issue has been resolved. 1
65135 When using cfchart, ColdFusion will now include the required file CF_RunActiveContent.js without including /CFIDE at the beginning of the source path. 1
65255 ColdFusion no longer requires write permissions to the directory when using <cfdirectory action="list" .../> with sandbox security. 1
64586 Hot fix to resolve a possible cross-site scripting (XSS) vulnerability in ColdFusion's handling of forms. 1
64229 Hot fix to resolve 'Method can be only called once' exception for any SQL update when using third party Informix and Sybase drivers, and issue where same ResultSet is returned when a query is called twice, first with MaxRows attribute set to specific value and later with no value. 1
64430 Hot fix to resolve cfquery returning same resultset after updates to cfquery attributes like MaxRows. Without this fix a change to MaxRows or other attributes is ignored. 1

Installation Instructions

ColdFusion MX 7.0.2 cumulative hot fixes are installed in the ColdFusion MX Administrator. The installation process is the same for all platforms and installation choices.

  1. Download (316K) and extract the chf7020002.jar file.

  2. Open the ColdFusion MX Administrator and select the System Information page.
  3. Next to the Update File field, select the Browse Button and browse to the extracted file. Select the file and click Submit.
  4. Restart ColdFusion.

The ColdFusion MX 7.0.2 cumulative hot fix JAR file does not need to be retained after installing it with the ColdFusion Administrator. The file has been copied into the correct location.

The ColdFusion MX 7.0.2 cumulative hot fix JAR file will appear as a new entry in the System Information list.

Note: Any individual hot fixes previously installed that are now contained in this cumulative hot fix should be removed.

Additional Information

The following updates require that the files be installed directly to the operating system and not through the standard hot fix procedure. The URL included with each description is a link to an Adobe page providing download and installation instructions along with a detailed explanation of the issue.

ID Number Description
Technote b39b42b5 Several ColdFusion MX 7 XMPP (Instant Messaging) Gateway problems can be corrected by updating the XMPP Gateway component.

ColdFusion MX 7 TechNote: Replacement file for XMPP Gateway
64335 This hot fix is for a potential memory leak caused by cancelling cfuploads in progress with ColdFusion MX 7. This fix includes both ColdFusion and JRun hot fix JAR files.

ColdFusion MX 7 TechNote: Update for cffile memory leak
APSB07-02 A potential vulnerability in ColdFusion and JRun URL parsing could allow access to directory listings under the coldfusion installation directory. The following security bulletin and update will secure this vulnerability.

Security Bulletin: Patch available for ColdFusion MX 7 and JRun 4 information disclosure issue
N/A All ColdFusion and JRun Security Bulletins may be viewed at

ColdFusion MX Security Bulletins:

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy