CyberSec.Space Logo
Back to CVE Browser

CVE-2011-2092

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0310%
EPSS Percentile13.06th
PublishedJun 16, 2011
Last ModifiedApr 29, 2026

Vulnerability Description

Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly restrict creation of classes during deserialization of (1) AMF and (2) AMFX data, which allows attackers to have an unspecified impact via unknown vectors, related to a "deserialization vulnerability."

Affected Platforms (CPE)

πŸ“¦
Adobe

Blazeds

<= 4.0.1
πŸ“¦
Adobe

Livecycle Data Services

<= 3.1
πŸ“¦
Adobe

Livecycle Data Services

= 2.5
πŸ“¦
Adobe

Livecycle Data Services

= 2.5.1
πŸ“¦
Adobe

Livecycle Data Services

= 2.6
πŸ“¦
Adobe

Livecycle Data Services

= 2.6.1
πŸ“¦
Adobe

Livecycle Data Services

= 3
πŸ“¦
Adobe

Livecycle

<= 9.0.0.2
πŸ“¦
Adobe

Livecycle

= 6.0
πŸ“¦
Adobe

Livecycle

= 7.0
πŸ“¦
Adobe

Livecycle

= 8.0.1
πŸ“¦
Adobe

Livecycle

= 8.0.1.1
πŸ“¦
Adobe

Livecycle

= 8.0.1.2
πŸ“¦
Adobe

Livecycle

= 8.2.1.3

References & Advisories

πŸ”— http://www.adobe.com/support/security/bulletins/apsb11-15.html
πŸ”— http://www.securitytracker.com/id?1025656
πŸ”— http://www.securitytracker.com/id?1025657
πŸ”— http://www.adobe.com/support/security/bulletins/apsb11-15.html
πŸ”— http://www.securitytracker.com/id?1025656
πŸ”— http://www.securitytracker.com/id?1025657

Related Vulnerabilities

CVE-2018-147199.8

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block ...

CVE-2017-30669.8

Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java d...

CVE-2017-56419.8

Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deseriali...

CVE-2007-00189.3

Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allo...