Adobe LiveCycle Data Services 4.7

CPE Details

Adobe LiveCycle Data Services 4.7
adobe
livecycle_data_services
4.7
2015-08-25
10h23 +00:00
2015-08-27
16h16 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:adobe:livecycle_data_services:4.7:*:*:*:*:*:*:*

Informations

Vendor

adobe

Product

livecycle_data_services

Version

4.7

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2015-5255 2015-11-18 20h00 +00:00 Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before Update 7 and LiveCycle Data Services 3.0.x before 3.0.0.354175, 3.1.x before 3.1.0.354180, 4.5.x before 4.5.1.354177, 4.6.2.x before 4.6.2.354178, and 4.7.x before 4.7.0.354178, allows remote attackers to send HTTP traffic to intranet servers via a crafted XML document, related to a Server-Side Request Forgery (SSRF) issue.
4.3
CVE-2015-3269 2015-08-24 23h00 +00:00 Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveCycle Data Services (LCDS) 3.0.x before 3.0.0.354170, 4.5 before 4.5.1.354169, 4.6.2 before 4.6.2.354169, and 4.7 before 4.7.0.354169 and other products, allows remote attackers to read arbitrary files via an AMF message containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
5