Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Wed, 05 Feb 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Adobe livecycle
Adobe livecycle Data Services |
|
CPEs | cpe:2.3:a:adobe:lifecycle:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:lifecycle:9.0:*:*:*:*:*:*:* cpe:2.3:a:adobe:lifecycle_data_services:2.5.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:lifecycle_data_services:2.6.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:lifecycle_data_services:3.0:*:*:*:*:*:*:* |
cpe:2.3:a:adobe:livecycle:8.0.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:livecycle:8.2.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:livecycle:9.0:*:*:*:*:*:*:* cpe:2.3:a:adobe:livecycle_data_services:2.5.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:livecycle_data_services:2.6.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:livecycle_data_services:3.0:*:*:*:*:*:*:* |
Vendors & Products |
Adobe lifecycle
Adobe lifecycle Data Services |
Adobe livecycle
Adobe livecycle Data Services |
Tue, 04 Feb 2025 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
kev
|

Status: PUBLISHED
Assigner: adobe
Published:
Updated: 2025-07-30T01:47:05.842Z
Reserved: 2009-11-16T00:00:00.000Z
Link: CVE-2009-3960

Updated: 2024-08-07T06:45:50.647Z

Status : Deferred
Published: 2010-02-15T18:30:00.407
Modified: 2025-04-11T00:51:21.963
Link: CVE-2009-3960

No data.

No data.