CVE-2011-2092
Published Jun 16, 2011
Last updated 13 years ago
Overview
- Description
- Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly restrict creation of classes during deserialization of (1) AMF and (2) AMFX data, which allows attackers to have an unspecified impact via unknown vectors, related to a "deserialization vulnerability."
- Source
- psirt@adobe.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:blazeds:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "007166D5-D7B0-486C-B4B6-C239906EF8D3",
"versionEndIncluding": "4.0.1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:livecycle_data_services:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3FA36866-F153-47DE-871E-D92DBD8A1C2B",
"versionEndIncluding": "3.1"
},
{
"criteria": "cpe:2.3:a:adobe:livecycle_data_services:2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "289238E6-C234-4191-911C-C6F0E51A3E1D"
},
{
"criteria": "cpe:2.3:a:adobe:livecycle_data_services:2.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "262ED6C7-3C78-4863-9056-A9D55C7DB6CC"
},
{
"criteria": "cpe:2.3:a:adobe:livecycle_data_services:2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8606C261-650F-43AF-BE2D-52DACFB94BBC"
},
{
"criteria": "cpe:2.3:a:adobe:livecycle_data_services:2.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BEFE9CD7-0DB5-4038-AFB5-1B756186605C"
},
{
"criteria": "cpe:2.3:a:adobe:livecycle_data_services:3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37973B36-6229-498A-936E-D621E2ED90C6"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:livecycle:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E1BE8C5-F3EA-4F74-8ABE-BB5A7127DED3",
"versionEndIncluding": "9.0.0.2"
},
{
"criteria": "cpe:2.3:a:adobe:livecycle:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "123AE8CC-080C-4684-9818-CCEC5ACC1E60"
},
{
"criteria": "cpe:2.3:a:adobe:livecycle:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D59B6009-B1B1-4FE1-8330-777473CF9EEA"
},
{
"criteria": "cpe:2.3:a:adobe:livecycle:8.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3890CE6C-D8D0-4406-ACE1-9849CFCA72F4"
},
{
"criteria": "cpe:2.3:a:adobe:livecycle:8.0.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55624316-BCFD-4555-92F0-EF5271B86081"
},
{
"criteria": "cpe:2.3:a:adobe:livecycle:8.0.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "89AE5D48-8552-4DB5-97A3-4D401559AB81"
},
{
"criteria": "cpe:2.3:a:adobe:livecycle:8.2.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2C91FA2-9DBB-4B06-8DBF-D7951A947087"
}
],
"operator": "OR"
}
]
}
]