Current hot fix level: chf7020001

Released: 11/30/2006

The following fixes are contained in ColdFusion MX 7.0.2 Cumulative Hot Fix 1 (CHF1). Adobe recommends that CHF1 only be applied to ColdFusion MX 7.0.2 if you are experiencing one or more of the specific fixed issues listed below, and then only to ColdFusion MX 7.0.2 (specifically). Cumulative Hot Fixes for ColdFusion MX 7.0 can be found in TechNote fd71533 and Cumulative Hot Fixes for ColdFusion MX 7.0.1 can be found in TechNote aae43964. Individual hot fixes can be found in TechNote tn_17883.

ID Number Description Added in Cumulative

Hot Fix
62335 Hot fix to resolve cfdocument text being cut off and additional text cut off issues when using various fonts and sizes. 1
63695 cfftp/listdir no longer fails on subdirectories under the the root directory. 1
64046 Data source entries in the ColdFusion administrator are no longer case-sensitive when using sandbox security. 1
52712 ColdFusion MX 7.0.2 can now use named parameters when calling stored procedures using the dbvarname attribute within the cfprocparam tag. 1
64411 JSP processing performance has been significantly increased.cfimport no longer checks for a valid license every time, which was causing the resource bundle to load off of the disk every time a JSP was called. 1


When setting a request variable in Application.cfm equal togetBaseTemplatePath and that variable is returned from a CFC function, ColdFusion MX 7.0.2 will now correctly return the CFC file system path and not the Application.cfm file system path.



Duplicating very large structures now works as expected. Previously, duplicating a very large structure would sometimes result in an inaccurate duplicate of the original structure.


64063 When using Dreamweaver to work with an Access data source through RDS, Dreamweaver will now properly display just the table name and not the entire file path to the table. 1
64796 ColdFusion will no longer return a NullPointerException error when trying to consume a web service using a JSP servlet located in the same server instance as ColdFusion. 1
64364 As of ColdFusion MX 7.0.2, cfreport would not recognize query columns added with QueryAddColumn. This issue has been resolved. 1
65135 When using cfchart, ColdFusion will now include the required file CF_RunActiveContent.js without including/CFIDE at the beginning of the source path. 1
65255 ColdFusion no longer requires write permissions to the directory when using <cfdirectory action="list" .../> with sandbox security. 1
64586 Hot fix to resolve a possible cross-site scripting (XSS) vulnerability in ColdFusion's handling of forms. 1
64430 Hot fix to resolve 'Method can be only called once' exception for any SQL update when using third party Informix and Sybase drivers, and issue where same ResultSet is returned when a query is called twice, first with MaxRows attribute set to specific value and later with no value. 1

Installation instructions

ColdFusion MX 7.0.2 cumulative hot fixes are installed in the ColdFusion MX Administrator. The installation process is the same for all platforms and installation choices.

  1. Download (210K) and extract the chf7020001.jar file.

  2. Open the ColdFusion MX Administrator and select the System Information page.
  3. Next to the Update File field, select the Browse Button and browse to the extracted file. Select the file and click Submit.
  4. Restart ColdFusion.

The ColdFusion MX 7.0.2 cumulative hot fix JAR file does not need to be retained after installing it with the ColdFusion Administrator. The file has been copied into the correct location.

The ColdFusion MX 7.0.2 cumulative hot fix JAR file will appear as a new entry in the System Information list.

Note: Any individual hot fixes previously installed that are now contained in this cumulative hot fix should be removed.

Additional Information

The following updates require that the files be installed directly to the operating system and not through the standard hot fix procedure. The URL included with each description is a link to an Adobe page providing download and installation instructions along with a detailed explanation of the issue.

ID Number Description
64991 This hot fix updates the expired certificate used withcfform applets in ColdFusion MX 7.

ColdFusion MX 7 TechNote:Update for expired certificate on CFForm controls
APSB06-17 A potential vulnerability in a third party library could allow a malicious local user to execute arbitrary code with the privilege level of the local SYSTEM. A malicious user must first be able to run code locally on the server to take advantage of the vulnerability. The following security bulletin and update will secure this vulnerability.

Security Bulletin:Patch available for ColdFusion MX 7 local privilege escalation
N/A Issues in earlier versions of the DataDirect JDBC drivers have been resolved with DataDirect JDBC drivers 3.5. The following TechNote contains a link to download the DataDirect 3.5 drivers and instructions to properly install them.

ColdFusion MX 7 TechNote:Updated DataDirect JDBC drivers (version 3.5)
64641 This hot fix resolves an issue where ColdFusion MX 7.0.2 returns a structure as an object to Flash via Flash Remoting. This causes the Flash data provider to not display the structure properly. After applying the hot fix, ColdFusion will return a structure as a MixedArray which will work properly with Flash.

ColdFusion MX 7 TechNote:Displaying structures with the Flash data provider when using Flash Remoting

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy