2 matches found
CVE-2023-28500
A Java insecure deserialization vulnerability in Adobe LiveCycle ES4 version 11.0 and earlier allows unauthenticated remote attackers to gain operating system code execution by submitting specially crafted Java serialized objects to a specific URL. Adobe LiveCycle ES4 version 11.0.1 and later may...
CVE-2023-28500
The CVE-2023-28500 entry concerns a Java insecure deserialization vulnerability in Adobe LiveCycle ES4. Affected: ES4 11.0 and earlier; ES4 11.0.1+ may be vulnerable if Java is 7u21 or earlier. Root cause: insecure deserialization in the LiveCycle application. Impact: unauthenticated remote attac...