Lucene search

K

[email protected]NVD:CVE-2009-3960

HistoryFeb 15, 2010 - 6:30 p.m.

CVE-2009-3960

2010-02-1518:30:00

[email protected]

web.nvd.nist.gov

1

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.968 High

EPSS

Percentile

99.7%

Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents.

Affected configurations

NVD

Node

adobeblazedsRange≤3.2

OR

adobecoldfusionMatch7.0.2

OR

adobecoldfusionMatch8.0

OR

adobecoldfusionMatch8.0.1

OR

adobecoldfusionMatch9.0

OR

adobeflex_data_servicesMatch2.0.1

OR

adobelifecycleMatch8.0.1

OR

adobelifecycleMatch8.2.1

OR

adobelifecycleMatch9.0

OR

adobelifecycle_data_servicesMatch2.5.1

OR

adobelifecycle_data_servicesMatch2.6.1

OR

adobelifecycle_data_servicesMatch3.0

References

secunia.com/advisories/38543

securitytracker.com/id?1023584

www.adobe.com/support/security/bulletins/apsb10-05.html

www.osvdb.org/62292

www.securityfocus.com/bid/38197

www.exploit-db.com/exploits/41855/

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.968 High

EPSS

Percentile

99.7%

Related for NVD:CVE-2009-3960

zdt1 cve1 openvas1 dsquare1 exploitpack1 seebug1 packetstorm2 nessus1 checkpoint_advisories1 securityvulns2 cvelist1 attackerkb1 cisa_kev1 prion1 d21 exploitdb1 thn1 threatpost1 nmap1 cisa1