CVE-2011-2093

Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly handle object graphs, which allows attackers to cause a denial of service via unspecified vectors, related to a "complex object graph vulnerability."

Published: Jun 17, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-2093
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
adobe / blazeds	-	4.0.1.x
adobe / livecycle_data_services	2.6	2.6.x
adobe / livecycle_data_services	3	3.x
adobe / livecycle_data_services	-	3.1.x
adobe / livecycle_data_services	2.5	2.5.x
adobe / livecycle_data_services	2.6.1	2.6.1.x
adobe / livecycle_data_services	2.5.1	2.5.1.x
adobe / livecycle	7.0	7.0.x
adobe / livecycle	8.2.1.3	8.2.1.3.x
adobe / livecycle	8.0.1.1	8.0.1.1.x
adobe / livecycle	-	9.0.0.2.x
adobe / livecycle	8.0.1.2	8.0.1.2.x
adobe / livecycle	6.0	6.0.x
adobe / livecycle	8.0.1	8.0.1.x

http://osvdb.org/73009
http://www.adobe.com/support/security/bulletins/apsb11-15.html
http://www.securityfocus.com/bid/48267
http://www.securitytracker.com/id?1025656
http://www.securitytracker.com/id?1025657
https://exchange.xforce.ibmcloud.com/vulnerabilities/68026

Vulnerability Database

289,784

CVE-2011-2093