RSS   Vulnerabilities for 'Livecycle data services'   RSS

2015-11-18
 
CVE-2015-5255

CWE-20
 

 
Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before Update 7 and LiveCycle Data Services 3.0.x before 3.0.0.354175, 3.1.x before 3.1.0.354180, 4.5.x before 4.5.1.354177, 4.6.2.x before 4.6.2.354178, and 4.7.x before 4.7.0.354178, allows remote attackers to send HTTP traffic to intranet servers via a crafted XML document, related to a Server-Side Request Forgery (SSRF) issue.

 
2015-08-24
 
CVE-2015-3269

CWE-200
 

 
Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveCycle Data Services (LCDS) 3.0.x before 3.0.0.354170, 4.5 before 4.5.1.354169, 4.6.2 before 4.6.2.354169, and 4.7 before 4.7.0.354169 and other products, allows remote attackers to read arbitrary files via an AMF message containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

 
2011-06-16
 
CVE-2011-2093

 

 
Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly handle object graphs, which allows attackers to cause a denial of service via unspecified vectors, related to a "complex object graph vulnerability."

 
 
CVE-2011-2092

CWE-20
 

 
Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly restrict creation of classes during deserialization of (1) AMF and (2) AMFX data, which allows attackers to have an unspecified impact via unknown vectors, related to a "deserialization vulnerability."

 

 >>> Vendor: Adobe 146 Products
Framemaker
Coldfusion
Dreamweaver
Acrobat reader
Studio
JRUN
Acrobat
Acrobat business tools
Flash
Flash player
Digital editions
Adobe content server
Shockwave
Photodeluxe
Director
Contribute
Creative suite
Photoshop
Premiere
Svg viewer
Version cue
Shockwave player
Flash media server
Captivate
Elicensing
Fireworks
Freehand
FLEX
Illustrator
Indesign
Pagemaker
Document server
Graphics server
Livecycle form manager
Download manager
Flex sdk
Breeze licensed server
Adobe php ria sdk
Acrobat 3d
AIR
Bridge
Robohelp
Robohelp server
Golive
Photoshop elements
Adobe air
Connect enterprise server
Flash media server 2
Form client
Form designer
Reader
Livecycle workflow
Flex builder
Presenter
Commerce
Flash playe for linux
Flash player for linux
Blazeds
Flex data services
Lifecycle
Lifecycle data services
Photoshop cs4
Indesign cs3
Device central cs5
Premier pro cs4
Onlocation cs4
Indesign cs4
Extension manager cs5
Extendedscript toolkit cs5
Audition
Connect
Livecycle
Livecycle data services
Adobe reader
Flash player for android
Flash cs3
Flash cs4
Flash cs5.5
Illustrator cs5.5
Photoshop cs5.5
Adobe air sdk
Photoshop cs6
Livecycle designer es2
Livecycle designer
Device central cs4
Camera raw
Acrobat r2000eader
Adobe air sdk and compiler
Phonegap
Photoshop cs5
Photoshop cs5.1
Air sdk
Air sdk & compiler
Air sdk and compiler
Photoshop cc
Acrobat dc
Acrobat reader dc
Premiere clip
Air sdk \& compiler
Experience manager
See all Products for Vendor Adobe


Copyright 2024, cxsecurity.com

 

Back to Top