Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 16/06/2011 Updated: 07/09/2011

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Adobe LiveCycle Data Services 3.1 and previous versions, LiveCycle 9.0.0.2 and previous versions, and BlazeDS 4.0.1 and previous versions do not properly restrict creation of classes during deserialization of (1) AMF and (2) AMFX data, which allows malicious users to have an unspecified impact via unknown vectors, related to a "deserialization vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
adobe blazeds
adobe livecycle data services 2.6.1
adobe livecycle data services 2.6
adobe livecycle data services
adobe livecycle data services 3
adobe livecycle data services 2.5.1
adobe livecycle data services 2.5
adobe livecycle 6.0
adobe livecycle 8.0.1
adobe livecycle 8.0.1.1
adobe livecycle 8.0.1.2
adobe livecycle
adobe livecycle 8.2.1.3
adobe livecycle 7.0

CWE-20 http://www.adobe.com/support/security/bulletins/apsb11-15.html http://www.securitytracker.com/id?1025656 http://www.securitytracker.com/id?1025657 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-2092

Vulnerability Summary

References

Vulmon Search

About

Products

Connect