CVE-2015-3269 in HP and Adobe Products
Published on August 25, 2015

Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveCycle Data Services (LCDS) 3.0.x before 3.0.0.354170, 4.5 before 4.5.1.354169, 4.6.2 before 4.6.2.354169, and 4.7 before 4.7.0.354169 and other products, allows remote attackers to read arbitrary files via an AMF message containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Vendor Advisory NVD

Products Associated with CVE-2015-3269

stack.watch emails you whenever new vulnerabilities are published in HP Business Service Management or Adobe Livecycle Data Services. Just hit a watch button to start following.

HP Business Service Management

Adobe Livecycle Data Services

Exploit Probability

EPSS

13.33%

Percentile

94.04%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2015-3269 in HP and Adobe ProductsPublished on August 25, 2015

Products Associated with CVE-2015-3269

Exploit Probability

CVE-2015-3269 in HP and Adobe Products
Published on August 25, 2015