An important security fix for ColdFusion Builder 3 is now available for download. For more information on the vulnerability refer APSB16-44.

You can download the patch from here (md5 checksum : b67914e27ca4fb8e0fc5ecd354e9a330). Apply this patch to secure your ColdFusion Server and Builder installation. Follow the installation instructions detailed at this technote

6 Comments to “Security fix for ColdFusion Builder 3 released”

  1. Steve W
    since the security bulletin is for both CFB 3 and 2016, will there be another update for 2016 or does this apply to both?
  2. Alberto
    I tried launching using the clean command from the terminal on MacOS, but received the following message "CFBuilder: command not found".
    What am I doing wrong? Thanks!
  3. Vamsee
    @Steve - This issue was fixed in Coldfusion Builder 2016 Update 3 that was released on the 7th of Oct 2016 but is being called out in this bulletin. If you are already on Update 3, you should be good.

    #Alberto - We will have someone check this and get back to you.
  4. Piyush
    Alberto,
    Which directory are you running the command from? Are you prefixing the command with "./" like so : "./CFBuilder".
  5. Mukesh
    @Alberto,
    Can you please trying running with below command on MacOS:
    ./CFBuilder.app/Contents/MacOS/CFBuilder -clean
  6. Anderson
    I am glad to know that they have fixed the Web-socket frame size error in both Google Chrome and Internet Explorer browsers in update 22.Even XML Web services error is fixed in ColdFusion 10 with the new updates.

Leave a Comment

Leave this field empty: