NVD

Id
8914  
Name
CVE-2011-2092  
Description
Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly restrict creation of classes during deserialization of (1) AMF and (2) AMFX data, which allows attackers to have an unspecified impact via unknown vectors, related to a "deserialization vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2011-06-16  
Modified Date
2011-09-06  
Seq
2011-2092  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
51229 8914 CVE-2011-2092 http://www.adobe.com/support/security/bulletins/apsb11-15.html  View
51230 8914 CVE-2011-2092 1025656  View
51231 8914 CVE-2011-2092 1025657  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
31537 JVNDB-2011-001777 複数の Adobe 製品における詳細不明な脆弱性 複数の Adobe 製品は、AMF および AMFX データのデシリアライズ処理の間、クラスの制限処理を適切に行わないため、詳細不明な脆弱性が存在します。 CVE-2011-2092 49999 CVE-2011-2092 8914 10 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001777.html 2011-06-14 2013-03-26 View