- EPSS 2.27%
- Published 16.06.2011 23:55:01
- Last modified 11.04.2025 00:51:21
Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly restrict creation of classes during deserialization of (1) AMF and (2) AMFX data, which allows attackers to have an unspecifie...
- EPSS 2.8%
- Published 16.06.2011 23:55:01
- Last modified 11.04.2025 00:51:21
Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly handle object graphs, which allows attackers to cause a denial of service via unspecified vectors, related to a "complex objec...
CVE-2009-3960
- EPSS 86.27%
- Published 15.02.2010 18:30:00
- Last modified 11.04.2025 00:51:21
Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain se...