Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRedhatCVELIST:CVE-2015-3269
HistoryAug 25, 2015 - 1:00 a.m.

CVE-2015-3269

2015-08-2501:00:00
redhat
www.cve.org
7

AI Score

5

Confidence

High

EPSS

0.009

Percentile

82.5%

JSON

Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveCycle Data Services (LCDS) 3.0.x before 3.0.0.354170, 4.5 before 4.5.1.354169, 4.6.2 before 4.6.2.354169, and 4.7 before 4.7.0.354169 and other products, allows remote attackers to read arbitrary files via an AMF message containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Related

nessus 4
threatpost 3
zdi 1
securityvulns 2
adobe 1
nvd 1
zdt 1
cve 1
prion 1
myhack58 2
vmware 2
cert 2
seebug 1
nessus
nessus
HP Operations Manager i Apache Flex BlazeDS External Entity Injection Vulnerability
2016-03-09 00:00:00
Adobe ColdFusion BlazeDS XXE (APSB15-21) (credentialed check)
2015-09-03 00:00:00
VMware vCenter Multiple Vulnerabilities (VMSA-2015-0008)
2015-12-22 00:00:00
threatpost
threatpost
VMware Patches Pesky XXE Bug in Flex BlazeDS
2015-11-20 16:36:23
Adobe LiveCycle Data Services Hotfix
2015-08-18 12:46:31
Adobe ColdFusion Hotfix
2015-08-27 14:08:42
zdi
zdi
Cisco Nexus Dashboard Fabric Controller XML External Entity Processing Information Disclosure Vulnerability
2022-03-11 00:00:00
securityvulns
securityvulns
CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability
2015-08-24 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2015-08-24 00:00:00
adobe
adobe
APSB15-20 Security update available for LiveCycle Data Services
2015-08-18 00:00:00
nvd
nvd
CVE-2015-3269
2015-08-25 01:59:00
zdt
zdt
Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability
2015-08-20 00:00:00
cve
cve
CVE-2015-3269
2015-08-25 01:59:00
prion
prion
Xxe
2015-08-25 01:59:00
myhack58
myhack58
Java AMF3 deserialization vulnerability analysis-vulnerability warning-the black bar safety net
2017-04-07 00:00:00
Java AMF3 exposure remote code execution vulnerability-vulnerability warning-the black bar safety net
2017-04-07 00:00:00
vmware
vmware
VMware product updates address information disclosure issue.
2015-11-18 00:00:00
VMware product updates address information disclosure issue.
2015-11-18 00:00:00
cert
cert
Granite Data Services AMF framework fails to properly parse XML input containing a reference to external entities
2016-03-24 00:00:00
Action Message Format (AMF3) Java implementations are vulnerable to insecure deserialization and XML external entities references
2017-04-04 00:00:00
seebug
seebug
AMF3 Java implementations Improper Restriction of XML External Entity Reference ('XXE')
2017-04-06 00:00:00

AI Score

5

Confidence

High

EPSS

0.009

Percentile

82.5%

JSON
Related for CVELIST:CVE-2015-3269
nessus4threatpost3zdi1securityvulns2adobe1nvd1zdt1cve1prion1myhack582vmware2cert2seebug1