The vulnerability of the Adobe LiveCycle ES4 form creation and editing program, related to deficiencies in the deserialization mechanism, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe LiveCycle ES4 form creation and editing program is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

CVE-2023-28500

A Java insecure deserialization vulnerability in Adobe LiveCycle ES4 version 11.0 and earlier allows unauthenticated remote attackers to gain operating system code execution by submitting specially crafted Java serialized objects to a specific URL. Adobe LiveCycle ES4 version 11.0.1 and later may...

CVE-2023-28500

A Java insecure deserialization vulnerability in Adobe LiveCycle ES4 version 11.0 and earlier allows unauthenticated remote attackers to gain operating system code execution by submitting specially crafted Java serialized objects to a specific URL. Adobe LiveCycle ES4 version 11.0.1 and later may...

CVE-2023-28500

The CVE-2023-28500 entry concerns a Java insecure deserialization vulnerability in Adobe LiveCycle ES4. Affected: ES4 11.0 and earlier; ES4 11.0.1+ may be vulnerable if Java is 7u21 or earlier. Root cause: insecure deserialization in the LiveCycle application. Impact: unauthenticated remote attac...

PT-2023-6619 · Oracle +1 · Java +1

Name of the Vulnerable Software and Affected Versions: Adobe LiveCycle ES4 versions 11.0 and earlier Adobe LiveCycle ES4 version 11.0.1 and later with Java environment 7u21 and earlier Description: A Java insecure deserialization vulnerability allows unauthenticated remote attackers to gain...