PT-2011-3583 · Adobe · Livecycle+2

Published

2011-06-16

Updated

2017-08-29

CVE-2011-2093

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Adobe LiveCycle Data Services versions 3.1 and earlier LiveCycle versions 9.0.0.2 and earlier BlazeDS versions 4.0.1 and earlier

Description The issue is related to a complex object graph vulnerability, where the software does not properly handle object graphs. This allows attackers to cause a denial of service via unspecified vectors.

Recommendations For Adobe LiveCycle Data Services versions 3.1 and earlier, update to a version later than 3.1 to resolve the issue. For LiveCycle versions 9.0.0.2 and earlier, update to a version later than 9.0.0.2 to resolve the issue. For BlazeDS versions 4.0.1 and earlier, update to a version later than 4.0.1 to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2011-2093

Affected Products

Livecycle Data Services

Blazeds

Livecycle

PT-2011-3583 · Adobe · Livecycle+2

CVE-2011-2093

Weakness Enumeration

Related Identifiers

Affected Products

References · 7