Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents.
References
Link | Resource |
---|---|
http://secunia.com/advisories/38543 | Broken Link |
http://securitytracker.com/id?1023584 | Broken Link Third Party Advisory VDB Entry |
http://www.adobe.com/support/security/bulletins/apsb10-05.html | Not Applicable Vendor Advisory |
http://www.osvdb.org/62292 | Broken Link |
http://www.securityfocus.com/bid/38197 | Broken Link Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/41855/ | Exploit Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
16 Jul 2024, 17:43
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.5 |
References | () http://secunia.com/advisories/38543 - Broken Link | |
References | () http://securitytracker.com/id?1023584 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.adobe.com/support/security/bulletins/apsb10-05.html - Not Applicable, Vendor Advisory | |
References | () http://www.osvdb.org/62292 - Broken Link | |
References | () http://www.securityfocus.com/bid/38197 - Broken Link, Third Party Advisory, VDB Entry | |
References | () https://www.exploit-db.com/exploits/41855/ - Exploit, Third Party Advisory, VDB Entry |
Information
Published : 2010-02-15 18:30
Updated : 2024-07-16 17:43
NVD link : CVE-2009-3960
Mitre link : CVE-2009-3960
CVE.ORG link : CVE-2009-3960
JSON object : View
Products Affected
adobe
- blazeds
- coldfusion
- flex_data_services
- lifecycle_data_services
- lifecycle
CWE