Does ColdFusion : Security Bulletin APSB10-11 apply to MX 7.0.2

I contacted adobe phone support and was directed to post my question to the forum because adobe doesn't provide phone support for server products.
So, Does ColdFusion : Security Bulletin APSB10-11 apply to MX 7.0.2?
In the Security Bulleting it reads like it does:
Summary
Important vulnerabilities have been identified in ColdFusion 8.0, 8.0.1, 9.0 and earlier versions for Windows, Macintosh and UNIX. The vulnerabilities could lead to cross-site scripting and information disclosure.
source: http://www.adobe.com/support/security/bulletins/apsb10-11.html
However, there are no solutions in the technote:
Issue
Note: This technote and the attachments have been updated on 05/13/2010. All ColdFusion users should review the technote again. An issue when this security fix was applied with Cumulative Hot Fix 4 for ColdFusion 8.0.1 has been identified and resolved. The issue was caused by a naming conflict.
ColdFusion 9.0, 8.0.1 and 8.0 are affected with the issue mentioned in the security bulletin APSB10-11. This technote provides fixes for the security issues along with the installation instructions.
source: http://kb2.adobe.com/cps/841/cpsid_84102.html
Additionally, does anyone know if Cold Fusion MX 7.0.2 is a supported product?
Thank you any help will be benifitial.

I contacted adobe phone support and was directed to post my question to the forum because adobe doesn't provide phone support for server products.
I have had phone support from them, and they were quite helpful.  Do you mean they don't do free phone support?  No, they don't.
I cannot believe they suggested you raise an issue on the forum.  That's just sh!t.  There's no other way of describing that.
Additionally, does anyone know if Cold Fusion MX 7.0.2 is a supported product?
http://www.adobe.com/support/products/enterprise/eol/eol_matrix.html#63
Only for "Extended support", whatever that is.
[searches]
Hmmm... http://www.adobe.com/support/programs/policies/terms_customer.html:
Extended Support. If version of software held by Customer at time of renewal has been end-of-lifed during the next renewal term, Customer may renew to Extended Support, provided that Extended Support is available for such software version.  Information about Software that has been or soon will be end-of-lifed and Extended Support availability dates by product version are published at www.adobe.com/support. If Customer elects to purchase Extended Support, the Annual Support Fee shall be twenty-five (25%) percent of the license fee paid for the Software (if such fee cannot be established, the percentage would be based on the then-current list price of the license fee for the Software), however in no event shall the amount be less than the last renewal prior to renewing under Extended Support.
If extended support is renewed, the renewal fee would be the Annual Support Fee paid for the prior year increased by the applicable Consumer Price Index (CPI)*, for the 12-month period preceding the renewal date. Should Customer upgrade to the next major version of the Software (e.g., upgrade from 4.0 to 5.0), the Annual Support Fee for the upgraded version shall be the lesser of twenty percent (20%) of the then current list price of the license fee for such upgraded version, or the Annual Support Fee for the last renewal prior to renewing under Extended Support increased by the applicable Consumer Price Index (CPI)*, for the 12-month period preceding the renewal date.
So there you go.  It's something you'd have to be paying for anyhow, and my reading of that is that it's too late to get it now anyhow.
I think this will also mean that you're definitely out of luck in regards to any sort of patching going on for CFMX7.
Adam

Similar Messages

  • Subscribe to only coldfusion security bulletins

    How can I subscribe to *ONLY* coldfusion security bulletins.  Preferably CF9 only.
    thanks,
    jbee

    Is Microsoft is still releasing security bulletins for pre-SP1 Windows Server 2008 R2?  My guess is no.  The "service pack support end date" is listed as 4/9/2013.
    Which is exactly what that date means. No more updates for the previous SP level(s) of the product; no more
    support for systems running the previous SP level(s) of the product.
    But the admin thinks pre-SP1 is still eligible for security bulletins until the end of its Extended Support
    The 'admin' is incorrect, and this behavior is no different than it has been since the updates for Windows Server 2003 Service Pack 1 were cut off in April 2007. Following the cutoff date, updates are explicitly coded to ignore older SP level(s) of the product.
    This should be very easy to prove to your 'admin'. Show your 'admin' a WS2008R2 *RTM* machine in the WSUS console with one of those current updates released after April 2013 and observe very closely the
    Not Applicable status that is reported, and have the 'admin' contemplate why that is. Or, if no WSUS, just scan WU and try to find anything released after April 2013 in the list of available updates (assuming there are actually
    any available updates at all).
    Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
    My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

  • Security Hotfix APSB10-18 for MX7 ?

    I just read about the the APSB10-18 Vulnerability (http://www.adobe.com/support/security/bulletins/apsb10-18.html).
    Since it says it is "... identified in ColdFusion 9.0.1 and earlier versions for Windows..." does that mean version 7 has this vulerability as well?
    If so, is there a patch for MX7 or do I need to upgrade?
    If I need to upgrade, which would be the better choice - 8 or 9?
    Many thanks in advance,
    Richard

    Welll, to answer my own question, after some testing, this is all that is needed to re-enable the validation functionality.
    C:\Inetpub\wwwroot\CFIDE\scripts
    My concern however is whether deleting all other CFIDE subfolders will take care of this problem, or does the exploit sonehow access other core functionality of Coldfusion.
    I'm scared.

  • Does coldfusion 8 support the implementation of WS-Security ?

    Does coldfusion support the implementation of WS-Security? We are  running Coldfusion 8 Enterprise Edition .We are trying to consume a web  service that is written in java on an IBM web sphere server. Can  coldfusion 8 consume this web service and pass in the required  WS-Security elements?
    Requirement : To consume a Webservice developed in java from coldfusion using WS-Secuirty mode .
    Environment used : Windows 2003, IIS 6, Coldfusion 8, SQl server  2005
    While trying to consume a public webservice through coldfusion , We received unable to read WSDL file and Unknown host exception error.
    Hence,  we are using <cfhttp to consume webservices.
    Can  you please advise how we can consume webservice using WS-Secuirty  (SHA-1)?

    swoodrich wrote:
    > Does coldfusion support the implementation of
    WS-Security? I am running
    > Coldfusion 8 Enterprise Edition as a stand alone server.
    I am trying to
    > consume a web service that is written in java on an IBM
    web sphere server. Can
    > coldfusion consume this web service and pass in the
    required WS-Security
    > elements?
    >
    > Also, is the reverse achievable... Can I create a web
    service that implements
    > WS-Security on a coldfusion server?
    As far as I know CF cannot consume or produce WS-Security.
    I've consumed
    a .net security enabled web service using raw XML. I think
    it's much
    harder to produce ws-security in CF (you're still going to do
    it raw
    just that it's harder).
    Mack

  • HT6041 does anyone have information re: motion 5.1 ? the latest security bulletin describes the need for it but neither  " software update: or the "app store"  seems to have it.

    I have read and re read this security bulletin and I have checked software update and the " app store" and there is no mention of "motion" or "motion 5.1"

    FWIW, here is the Apple troubleshooting note for Motion updates that aren't being offered, and the Apple best practices for Motion and related.   Here are the Mac App Store troubleshooting tips.

  • Security Bulletin for SharePoint 2013??

    Microsoft released the SharePoint 2013 version 5 Security bulletins.....in our enviorment do we need to apply all old bulletin or patching latest one will affect it.
    MS14-001  (Latest One) - 1/14/2014
    MS13-100 
    MS13-084
    MS13-067
    MS13-030  (4/9/2013)
     

    The bulletins will notate if they've superseded any patches. If not, you'll want to apply each one.
    Trevor Seward
    Follow or contact me at...
    &nbsp&nbsp
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • Web service error: WS Security can only be applied on a SOAP document

    Hello,
    I am facing the problem that when calling a web service I got this error message:
    005056B855B2002A0000013B000032C70005105EF7348C38 : WS Security can only be applied on a SOAP document.
    Some information about the webservice:
    Transport Binding: HTTP SOAP with Attachments
    Authentication: Basic
    Netweaver version: 7.01.06
    The webservice is based on EJB. Basically I want to add two operations in the webservice: one to accept attachment as input. the other one returns a file as attachment.
    Does anyone knows why this happens and how to resolve it? Thanks in advance!
    Regards,
    Grant

    Grant,
    Please refer this SNote, it may help you...
    1319507 - Overview: Analysis of ABAP Web Service
    Configuration
    Warm Regards,
    Agustuss

  • Does Crypto call admission control only apply to dynamic SAs?

    Hi,
    In my DMVPN phase 2 implementation, I have implemented crypto call admission control for IKE SAs on my spokes. This limit is set to 20 which is enough for my network.
    I have three hubs per region and site-to-site connectivity is only enabled on one of these routers.(hub 3). hub 1 & 2 only provide connectivity to other resources outside the DMVPN.
    If the IKE SA limit is reached on a spoke and there are other IKE requests which are being rejected - and let's say my hub1 goes down or the spoke just loses the tunnel.
    Before the tunnels to the hub1 is recovered, the spoke accepts the IKE requests which it was previously rejecting and again the IKE SA limit is reached. Now the hub1 are back on line – it will not be able to establish a tunnel ,right?
    If over a period of time the same thing happens with my hub2 then my spoke gets a bit isolated, right?
    The hubs have static IKE policy (unique PSKs) while the site-to-site tunnels are dynamic.
    In other words, does the crypto call admission limit apply only to dynamic crypto sessions or to all crypto sessions?
    I think the former. In that case, can a priority be configured for the static IKE SAs over the dynamic ones?
    Kind regards
    Nasir

    Nasir,
    There should not be a differentiator for CAC between static and dynamic. It counts overall IKE and IKE in-negotiations SAs. IKE doesn't necessarily need to know whether session is static or dynamic...
    http://www.cisco.com/en/US/docs/ios-xml/ios/security/a1/sec-cr-c3.html#GUID-84CA3908-A3C5-43E5-B8B5-0DED44EAEEC4
    You're right this is midleading, I'm going to get in touch with documentation team to make this a bit more explicit.
    M.

  • Parsing Microsoft Security Bulletin Web Pages

    I have been tasked with determining which bulletings are pertintent starting in 2013 to the present.  I am placing a link to the bulletin and other information on a spreadsheet.  I have a reference to the Internet Controls in my project.
    I need to determine which operating systems for each bulletin.
    I have been able to parse the security bulletins page by year (https://technet.microsoft.com/en-us/library/security/dn631924.aspx) to get the next level of the bulletin
    (https://technet.microsoft.com/library/security/ms13-106).
    My problem has come in parsing the affected software table.  Not all the bulletins have the same formatting from year to year or even within the same year. 
    I have been useing the DOM explorer in IE to help me find all the parts, but I have found many of the tags (table name) are empty so I am having to check each and every line and element to find the information I am looking for.
    My code is ending up with a number of if/elseif type of checks and is getting very complicated.  Does anyone have a solution for this already or am I missing something?
    Thanks in advance.

    Hi Shu Hu,
    I am able to parse the table and find all the tr tags.
    The problem I am having is the different layouts used on the web pages.
    The pages for the security bulletin's for 2013 (https://technet.microsoft.com/en-us/library/security/ms13-106.aspx)
    are a different format from the bulletin's for 2014 (https://technet.microsoft.com/library/security/ms14-085).
    Initally I thought I could find just tables but the table I am looking to parse is not the same index from page to page.  I thought I could use the table name attribute but that was not populated.  I started looking at each elelement on the HTML
    page until I found the text "Affected Software." Once I found the tag in the innerText field I looked for the next table to process the rows.
    I was hoping that the formatting would be the same from year to year but it is not so I was looking to see if there was a solution already but it does not look that way.
    I will take a closer look at the article you provided to see if that will help.

  • Microsoft Security Bulletin Advance Notificati​on for April 2011

    Wow! Microsoft's April Patch is planning 17 Bulletins to Fix 64 Bugs. As always it includes some security updates.
    https://www.microsoft.com/technet/security/bulleti​n/ms11-apr.mspx
    ThinkPad: T530 / X1 Gen 2 / Helix - Yoga: Tablet 2 Pro (Win) / Yoga 3 Pro
    If you find a post helpful and it answers your question, please click the "Accept As Solution" button.
    Lenovo Advocate ~ I am not employed by Lenovo or Microsoft. I am a volunteer.
    Microsoft MVP - Consumer Security
    SpywareHammer

    Hi Shu Hu,
    I am able to parse the table and find all the tr tags.
    The problem I am having is the different layouts used on the web pages.
    The pages for the security bulletin's for 2013 (https://technet.microsoft.com/en-us/library/security/ms13-106.aspx)
    are a different format from the bulletin's for 2014 (https://technet.microsoft.com/library/security/ms14-085).
    Initally I thought I could find just tables but the table I am looking to parse is not the same index from page to page.  I thought I could use the table name attribute but that was not populated.  I started looking at each elelement on the HTML
    page until I found the text "Affected Software." Once I found the tag in the innerText field I looked for the next table to process the rows.
    I was hoping that the formatting would be the same from year to year but it is not so I was looking to see if there was a solution already but it does not look that way.
    I will take a closer look at the article you provided to see if that will help.

  • Security Bulletins for a computer not having internet access

    Where do I download Adobe Security Bulletins from to install on a computer not having internet access?

    You cannot download anything on a computer that does not have Internet Access.
    You can view security bulletins on another computer with Internet Access: http://helpx.adobe.com/security.html
    If you need to download offline installers: http://get.adobe.com/reader/enterprise/

  • Enabling ORM causes coldfusion.security.SecurityManager$UnauthenticatedCredentialsException

    I'm working on a Windows 2008 Enterprise server with ColdFusion 9 Standard datasourcing MySQL 5.1. When I enable ORM in my application.cfc I receive the following error:
    coldfusion.security.SecurityManager$UnauthenticatedCredentialsException
         at coldfusion.security.SecurityManager.authenticateAdmin(SecurityManager.java:1826)
         at coldfusion.featurerouter.handler.standard.StandardSecurityManager.authenticateAdmin(StandardSecurityManager.java:47)
         at coldfusion.sql.Executive.getDatasource(Executive.java:439)
         at coldfusion.orm.hibernate.HibernateConfiguration.initHibernateConfiguration(HibernateConfiguration.java:160)
         at coldfusion.orm.hibernate.HibernateConfiguration.<init>(HibernateConfiguration.java:141)
         at coldfusion.orm.hibernate.ConfigurationManager.initConfiguration(ConfigurationManager.java:69)
         at coldfusion.orm.hibernate.HibernateProvider.InitializeORMForApplication(HibernateProvider.java:182)
         at coldfusion.orm.hibernate.HibernateProvider.beforeApplicationStart(HibernateProvider.java:85)
         at coldfusion.filter.ApplicationFilter.fireBeforeAppStartEvent(ApplicationFilter.java:475)
         at coldfusion.filter.ApplicationFilter.invoke(ApplicationFilter.java:221)
         at coldfusion.filter.RequestMonitorFilter.invoke(RequestMonitorFilter.java:48)
         at coldfusion.filter.MonitoringFilter.invoke(MonitoringFilter.java:40)
         at coldfusion.filter.PathFilter.invoke(PathFilter.java:87)
         at coldfusion.filter.ExceptionFilter.invoke(ExceptionFilter.java:70)
         at coldfusion.filter.ClientScopePersistenceFilter.invoke(ClientScopePersistenceFilter.java:28)
         at coldfusion.filter.BrowserFilter.invoke(BrowserFilter.java:38)
         at coldfusion.filter.NoCacheFilter.invoke(NoCacheFilter.java:46)
         at coldfusion.filter.GlobalsFilter.invoke(GlobalsFilter.java:38)
         at coldfusion.filter.DatasourceFilter.invoke(DatasourceFilter.java:22)
         at coldfusion.filter.CachingFilter.invoke(CachingFilter.java:53)
         at coldfusion.CfmServlet.service(CfmServlet.java:200)
         at coldfusion.bootstrap.BootstrapServlet.service(BootstrapServlet.java:89)
         at jrun.servlet.FilterChain.doFilter(FilterChain.java:86)
         at coldfusion.monitor.event.MonitoringServletFilter.doFilter(MonitoringServletFilter.java:42)
         at coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:46)
         at jrun.servlet.FilterChain.doFilter(FilterChain.java:94)
         at jrun.servlet.FilterChain.service(FilterChain.java:101)
         at jrun.servlet.ServletInvoker.invoke(ServletInvoker.java:106)
         at jrun.servlet.JRunInvokerChain.invokeNext(JRunInvokerChain.java:42)
         at jrun.servlet.JRunRequestDispatcher.invoke(JRunRequestDispatcher.java:286)
         at jrun.servlet.ServletEngineService.dispatch(ServletEngineService.java:543)
         at jrun.servlet.jrpp.JRunProxyService.invokeRunnable(JRunProxyService.java:203)
         at jrunx.scheduler.ThreadPool$DownstreamMetrics.invokeRunnable(ThreadPool.java:320)
         at jrunx.scheduler.ThreadPool$ThreadThrottle.invokeRunnable(ThreadPool.java:428)
         at jrunx.scheduler.ThreadPool$UpstreamMetrics.invokeRunnable(ThreadPool.java:266)
         at jrunx.scheduler.WorkerThread.run(WorkerThread.java:66)
    I have confirmed the following:
    CF 9 ORM does work on my development environment for this same application.
    This error only occurs when I enable ORM for the CF application on this server.
    I previously thought that the MySQL user for ColdFusion may not have valid permissions. However, giving that user all permissions still did not fix the error.
    ORM was working for this same application in the past. One conclusion may be an issue with the latest CF hotfix provided by Adobe (which I did install about a month ago). However, I can confirm that the application did work AFTER that install.
    Any suggestions on how to get ORM working would be much appreciated!

    The only way I could resolve this error was to reinstall ColdFusion. I've even updated CF9 with the latest hotfix and it's running fine. I'll wait and see how it goes.

  • Adobe AIR 13 Runtime Security Bulletin for Windows or Mac

    According to 5/13/2014 - Release - AIR 13 Runtime and SDK, the update for Adobe AIR 13 on 5/13/2014 includes fixes and security updates "Security update details can be found here: Security Bulletin (APSB14-14)", we have two questions:
    1. Why the Adobe Air 13 runtime for Windows and Mac is not listed in the security bulletin APSB14-14, like APSB14-02?
    2. Was the version released before Adobe AIR 13.0.0.111 for Windows Adobe AIR 4.0.0.1390 or Adobe AIR 13.0.0.83?
    Thanks!
    -TeamOCD

    MacWorld did a comparative evaluation of the October 2008 MBA with 1.86 GHz processor and the Mid-2009 MBA with 2.13 GHz chip. Their conclusion was that that 1.86 CPU was actually FASTER than the 2.13 in most applications.
    http://www.macworld.com/article/141296/2009/06/macbookairmid09.html
    They speculated that the 2.13 chip was being throttled by Apple to control heat issues and that's why it tested SLOWER than the (supposedly) slower 1.86 part.
    Have to wait for testing of these new MBA units to know if the same thing occurs. But, for the Rev. B and C MBAs, the 1.86 part was actually faster in real world use!

  • When you create your Game Center ID, it does a Security Question, for what reason? It never asks you it!

    When you create your Game Center ID, it does a security question, for what reason? It never asks you it!

    App store frequently asked questions
    http://support.apple.com/kb/HT2001
    http://support.apple.com/kb/HE37

  • [Flex 4.5.1] How does Button's fontSize property gets applied to labelDisplay?

    How does Button's fontSize property gets applied to labelDisplay when lableDisplay's fontSize is not explicitly set. I just tested it it works but I don't know how. I looked through the ButtonBase class but I don't see any code applying the fontSize to the labelDisplay nor I see code in the Label to get parent's fontSize property if not set. Could someone explain to me how this works? I would be very grateful! Thanks !

    Ok I found it, thanks for the heads up. I pretty much get the idea of how things work now
    Could you please take a look at one more probably very simple to you question. I had to customize a button to be able to have 2 lables in it with different fontSize and topPadding in this case. I kinda copied some of the code from ButtonBase + added the styles and some code I needed to make it work.
    Here it is:
    package
        import flash.events.Event;
        import spark.components.Button;
        import spark.components.Label;
        [Style(name="numberFontSize", type="Number", format="Length", inherit="yes", minValue="1.0", maxValue="720.0")]
        [Style(name="numberPaddingTop", type="Number", format="Length", inherit="no", minValue="0.0", maxValue="1000.0")]
        public class DialPadButton extends Button
            public function DialPadButton()
                super();
            private var _numberContent:*;
            [SkinPart(required="false")]
            public var numberLabelDisplay:Label;
            [Bindable("numberContentChange")]
            public function get numberContent():Object
                return _numberContent;
            public function set numberContent(value:Object):void
                _numberContent = value;
                if (numberLabelDisplay)
                    numberLabelDisplay.text = label;
                dispatchEvent(new Event("numberContentChange"));
            public function set numberLabel(value:String):void
                numberContent = value;
            public function get numberLabel():String         
                return (numberContent != null) ? numberContent.toString() : "";
            override protected function partAdded(partName:String, instance:Object):void
                super.partAdded(partName, instance);
                if (instance == numberLabelDisplay)
                    if (_numberContent !== undefined)
                        numberLabelDisplay.text = numberLabel;
                    if(getStyle("numberFontSize"))
                        numberLabelDisplay.setStyle("fontSize", getStyle("numberFontSize"));
                    if(getStyle("numberPaddingTop") || getStyle("numberPaddingTop") == 0)
                        numberLabelDisplay.setStyle("paddingTop", getStyle("numberPaddingTop"));
            override public function styleChanged(styleProp:String):void
                if (!styleProp ||
                    styleProp == "styleName" ||
                    styleProp == "numberFontSize" ||
                    styleProp == "numberPaddingTop")
                    if (numberLabelDisplay){
                        if(getStyle("numberFontSize"))
                            numberLabelDisplay.setStyle("fontSize", getStyle("numberFontSize"));
                        if(getStyle("numberPaddingTop"))
                            numberLabelDisplay.setStyle("paddingTop", getStyle("numberPaddingTop"));
                super.styleChanged(styleProp);
    So here are the questions:
    1) If I am not going to use the styles in css then maybe I should better declare them as variables ?
    2) I don't really understand how does the button gets updated and redrawn when I set Styles or properties like that cause there is nowhere a call to invalidate the display list (at least I couldn't find in the Button and ButtonBase classes) as I read in the Flex docs: Overriding the styleChanged() method
    UPDATE: I forgot that setStyle calls invalidateDisplayList... and I just figured out that when the lable sets the text on the TextBase it calls the invalidates. I answered this one myself
    3) I don't understand why do I have this code (copied from the buttonBase):
    if (!styleProp ||
        styleProp == "styleName" ||
        styleProp == "numberFontSize" ||
        styleProp == "numberPaddingTop")
    instead of just the code below:
    if (styleProp == "numberFontSize" ||
       styleProp == "numberPaddingTop")
    5) I am also not sure why I had to use content and label (again copied from the ButtonBase) when they are basicly the same thing
    Currently with this Custom Component I've made, I am able to put 2 lables in the skin. One is the default. And the other one takes the default values I put on the label itself + uses the two styles numberFontSize and numberTopPadding to change that default values in case they need to be altered.
    Although this works, I am not sure if I did it the best way or why does it work as you can say from my 5 questions
    I hope you or someone who understands this have the time to answer them for me and anyone who reads this Thanks
    Message was edited by: FM_Flame

Maybe you are looking for

  • Delete Dialogue not appearing... can't delete songs from hard-drive

    After downloading ver 7.0.2 I can't delete songs from my hard-drive by deleting them in iTunes. There's supposed to be a dialogue(sp?) box that shows up when you delete a song in the main library (not in playlists), that asks you if you want to perma

  • Audio Level for the web

    What audio level does one set for video files to be viewed on a web page? (specifically Flash) I realise there is probably no "Standard" for this but what process/levels have others used.

  • URL iViews & File Download error.

    Hi Gurus, I am having a strange problem. I am having a URL iView and this is pointing to a site and whenever user  visit this iView, it gives file download dialog box. And the message which appears “Some files can harm your computer. If the ……”. Very

  • Best DSL router Settings?

    Im not sure how to explain it but I need the best setting for my wirless router so it is at its best performance. For example when I connect directly from my modem it gives me the best quality but when ever im connected wired from my router or wirles

  • New-SPWOPIBinding Failing with "The server did not respond"

    I am currently attempting to create a binding between my SharePoint environment and our Office Web Apps server. I am able to connect to the Office Web Apps server when I allow HTTP connections (on both the Web Apps Server and the SharePoint server) a