CVE-2011-2093

Adobe LiveCycle Data Services <3.1 - DoS

Title source: llm
STIX 2.1

Description

Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly handle object graphs, which allows attackers to cause a denial of service via unspecified vectors, related to a "complex object graph vulnerability."

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/48267
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/68026
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1025656
Patch, Vendor Advisory x_refsource_confirm
http://www.adobe.com/support/security/bulletins/apsb11-15.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/73009
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1025657

Scores

EPSS 0.0377
EPSS Percentile 88.7%

Details

CWE
CWE-20
Status published
Products (14)
adobe/blazeds < 4.0.1
adobe/livecycle 6.0
adobe/livecycle 7.0
adobe/livecycle 8.0.1
adobe/livecycle 8.0.1.1
adobe/livecycle 8.0.1.2
adobe/livecycle 8.2.1.3
adobe/livecycle < 9.0.0.2
adobe/livecycle_data_services 2.5
adobe/livecycle_data_services 2.5.1
... and 4 more
Published Jun 16, 2011
Tracked Since Feb 18, 2026