Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2010-02-15T18:00:00

Updated: 2024-08-07T06:45:50.647Z

Reserved: 2009-11-16T00:00:00

Link: CVE-2009-3960

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2010-02-15T18:30:00.407

Modified: 2024-12-19T18:09:00.497

Link: CVE-2009-3960

cve-icon Redhat

No data.