Lucene search

[email protected]CVE-2011-2093

HistoryJun 16, 2011 - 11:55 p.m.

CVE-2011-2093

2011-06-1623:55:01

CWE-20

[email protected]

web.nvd.nist.gov

adobe

livecycle

data services

blazeds

complex object graph

vulnerability

denial of service

cve-2011-2093

nvd

6.7 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.005 Low

EPSS

Percentile

77.2%

JSON

Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly handle object graphs, which allows attackers to cause a denial of service via unspecified vectors, related to a “complex object graph vulnerability.”

Affected configurations

NVD

Node

adobeblazedsRange≤4.0.1

Node

adobelivecycle_data_servicesRange≤3.1

adobelivecycle_data_servicesMatch2.5

adobelivecycle_data_servicesMatch2.5.1

adobelivecycle_data_servicesMatch2.6

adobelivecycle_data_servicesMatch2.6.1

adobelivecycle_data_servicesMatch3

Node

adobelivecycleRange≤9.0.0.2

adobelivecycleMatch6.0

adobelivecycleMatch7.0

adobelivecycleMatch8.0.1

adobelivecycleMatch8.0.1.1

adobelivecycleMatch8.0.1.2

adobelivecycleMatch8.2.1.3

CPENameOperatorVersion
adobe:blazedsadobe blazedsle4.0.1

CPE	Name	Operator	Version
adobe:blazeds	adobe blazeds	le	4.0.1

References

osvdb.org/73009

www.adobe.com/support/security/bulletins/apsb11-15.html

www.securityfocus.com/bid/48267

www.securitytracker.com/id?1025656

www.securitytracker.com/id?1025657

exchange.xforce.ibmcloud.com/vulnerabilities/68026

6.7 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.005 Low

EPSS

Percentile

77.2%

JSON

Related for CVE-2011-2093

nvd1 prion1 cvelist1 nessus1