I began using FCKEditor long before it was included with Coldfusion. I've continued to use my own implemenation even after the release of Coldfusion 8.

There was a vulnerability found in the included FCKEditor: http://www.adobe.com/support/security/bulletins/apsb09-09.html

I applied the patch to my server and it also broke my own FCKEditor instance. I received "403 Access Denied" errors when using the FCKEditor file browser. After much time and effort the solution is pretty simple:

Add this to your JVM args in jvm.config: -Dcoldfusion.fckupload=true

***CAREFUL about copying an pasting the text above. Hidden carriage returns will cause CF to fail on startup.***

Even if you are not using the Coldfusion FCKEditor you still need to enable FCKEditor uploads. The updated JAR must have a built-in request filter for "filemanager".