1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Adobe patches important flaw in LiveCycle Data Services

Discussion in 'Network World' started by RSS, Aug 19, 2015.

  1. RSS

    RSS New Member Member

    Adobe Systems released a security patch for LiveCycle Data Services, a development tool used by businesses to synchronize data between back-end servers and rich Internet applications built with Adobe Flex or AIR.

    The hotfix is available for LiveCycle Data Services 3.0.0, 4.5.1, 4.6.2 and 4.7.0 and addresses a vulnerability that could lead to information disclosure.

    The flaw is tracked as CVE-2015-3269 in the Common Vulnerabilities and Exposures database and is rated important by Adobe.

    The issue is associated with parsing crafted XML entities and falls into a class of vulnerabilities known as XML External Entity (XXE).

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page