Lucene search
K
AdobeLivecycle

5 matches found

CVE
CVE
added 2010/02/15 6:0 p.m.1054 views

CVE-2009-3960

CVE-2009-3960 is an information-disclosure vulnerability in Adobe BlazeDS and related Adobe data services components (e.g., LiveCycle, ColdFusion) where XML External Entity/XML Injection flaws can allow remote attackers to obtain sensitive information. Root cause: injected tags and external entit...

6.5CVSS8.8AI score0.90118EPSS
In wildWeb
CVE
CVE
added 2016/12/15 6:31 a.m.115 views

CVE-2016-6934

CVE-2016-6934 affects Adobe Experience Manager Forms (versions 6.2 and earlier) and LiveCycle (11.0.1 and 10.0.4) with an input validation issue in the PMAdmin module that can enable cross-site scripting. Public sources link this to two input-validation vulnerabilities in AEM Forms; NVD lists CVS...

6.1CVSS5.9AI score0.02605EPSS
CVE
CVE
added 2016/12/15 6:31 a.m.106 views

CVE-2016-6933

CVE-2016-6933 affects Adobe Experience Manager Forms (Versions 6.2 and earlier) and LiveCycle (11.0.1, 10.0.4) with an input validation issue in the AACComponent that could be exploited for cross-site scripting. Connected advisories (e.g., APSB16-40) indicate Adobe released security updates addre...

6.1CVSS5.9AI score0.02004EPSS
CVE
CVE
added 2011/06/16 11:0 p.m.63 views

CVE-2011-2093

CVE-2011-2093 affects Adobe LiveCycle Data Services (versions 3.1 and earlier), LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier. The vulnerability arises from improper handling of object graphs, described as a “complex object graph vulnerability,” which can allow an attacker to cause...

5CVSS6.7AI score0.03772EPSS
CVE
CVE
added 2011/06/16 11:0 p.m.57 views

CVE-2011-2092

CVE-2011-2092 affects Adobe products: LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier. The root cause is improper restriction during deserialization of AMF and AMFX data that allows creation of classes, leading to an unresolved impact via unkn...

10CVSS6.8AI score0.06062EPSS