CVE-2011-2093

EUVD-2011-2085
Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly handle object graphs, which allows attackers to cause a denial of service via unspecified vectors, related to a "complex object graph vulnerability."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
Affected Products (NVD)
VendorProductVersion
adobeblazeds
𝑥
≤ 4.0.1
adobelivecycle_data_services
𝑥
≤ 3.1
adobelivecycle_data_services
2.5
adobelivecycle_data_services
2.5.1
adobelivecycle_data_services
2.6
adobelivecycle_data_services
2.6.1
adobelivecycle
𝑥
≤ 9.0.0.2
adobelivecycle
6.0
adobelivecycle
7.0
adobelivecycle
8.0.1
adobelivecycle
8.0.1.1
adobelivecycle
8.0.1.2
adobelivecycle
8.2.1.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/73009
http://www.adobe.com/support/security/bulletins/apsb11-15.html
http://www.securityfocus.com/bid/48267
http://www.securitytracker.com/id?1025656
http://www.securitytracker.com/id?1025657
https://exchange.xforce.ibmcloud.com/vulnerabilities/68026
http://osvdb.org/73009
http://www.adobe.com/support/security/bulletins/apsb11-15.html
http://www.securityfocus.com/bid/48267
http://www.securitytracker.com/id?1025656
http://www.securitytracker.com/id?1025657
https://exchange.xforce.ibmcloud.com/vulnerabilities/68026