Back to CVE Browser

CVE-2009-3960

Known Exploited (CISA KEV)MEDIUM

6.5

CVSS Severity Score

EPSS Score75.2400%

EPSS Percentile89.87th

PublishedFeb 15, 2010

Last ModifiedApr 21, 2026

Vulnerability Description

Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents.

Affected Platforms (CPE)

📦

Adobe

Blazeds

<= 3.2

📦

Adobe

Coldfusion

= 7.0.2

📦

Adobe

Coldfusion

= 8.0

📦

Adobe

Coldfusion

= 8.0.1

📦

Adobe

Coldfusion

= 9.0

📦

Adobe

Flex Data Services

= 2.0.1

📦

Adobe

Livecycle

= 8.0.1

📦

Adobe

Livecycle

= 8.2.1

📦

Adobe

Livecycle

= 9.0

📦

Adobe

Livecycle Data Services

= 2.5.1

📦

Adobe

Livecycle Data Services

= 2.6.1

📦

Adobe

Livecycle Data Services

= 3.0

References & Advisories

🔗 http://secunia.com/advisories/38543

🔗 http://securitytracker.com/id?1023584

🔗 http://www.adobe.com/support/security/bulletins/apsb10-05.html

🔗 http://www.osvdb.org/62292

🔗 http://www.securityfocus.com/bid/38197

🔗 https://www.exploit-db.com/exploits/41855/

🔗 http://secunia.com/advisories/38543

🔗 http://securitytracker.com/id?1023584

Related Vulnerabilities

CVE-2011-209210.0

Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly restri...

CVE-2017-56419.8

Previous versions of Apache Flex BlazeDS (4.7.2 and earlier) did not restrict which types were allowed for AMF(X) object deseriali...

CVE-2017-30669.8

Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java d...

CVE-2018-147199.8

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block ...