Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-2093 | 1 Adobe | 3 Blazeds, Livecycle, Livecycle Data Services | 2017-08-28 | 5.0 MEDIUM | N/A |
Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly handle object graphs, which allows attackers to cause a denial of service via unspecified vectors, related to a "complex object graph vulnerability." | |||||
CVE-2016-6934 | 1 Adobe | 2 Experience Manager Forms, Livecycle | 2016-12-23 | 4.3 MEDIUM | 6.1 MEDIUM |
Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the PMAdmin module that could be used in cross-site scripting attacks. | |||||
CVE-2016-6933 | 1 Adobe | 2 Experience Manager, Livecycle | 2016-12-22 | 4.3 MEDIUM | 6.1 MEDIUM |
Adobe Experience Manager Forms versions 6.2 and earlier, LiveCycle 11.0.1, LiveCycle 10.0.4 have an input validation issue in the AACComponent that could be used in cross-site scripting attacks. | |||||
CVE-2011-2092 | 1 Adobe | 3 Blazeds, Livecycle, Livecycle Data Services | 2011-09-06 | 10.0 HIGH | N/A |
Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly restrict creation of classes during deserialization of (1) AMF and (2) AMFX data, which allows attackers to have an unspecified impact via unknown vectors, related to a "deserialization vulnerability." |