Release date: August 18, 2015
Last updated: August 28, 2015
Vulnerability identifier: APSB15-20
Priority: See table below
CVE number: CVE-2015-3269
Platform: All Platforms
Adobe has released a security hotfix for LiveCycle Data Services. This hotfix addresses an important vulnerability that could result in information disclosure. Adobe recommends users apply the available patch using the instructions provided in the "Solution" section below.
Product | Affected Versions | Platform |
---|---|---|
LiveCycle Data Services | 4.7, 4.6.2, 4.5, 3.1.x, 3.0.x | Windows, Macintosh and Unix |
Adobe categorizes this hotfix with the following priority rating and recommends users apply the relevant patch available below using the instructions provided in this KB article:
Version | File Contents | Checksum (SHA1) |
---|---|---|
4.7.0.354169 |
flex-messaging-core.jar |
13913aeeab44cca926311d69beab7144acd5cd69 |
4.6.2.354169 |
flex-messaging-core.jar | 13913aeeab44cca926311d69beab7144acd5cd69 |
4.5.1.354169 |
flex-messaging-core.jar | 1a7caded7b92da7f7a339b4708a70a6bc0c38a0c |
3.1.0.354173 | flex-messaging-core.jar | 0b6e26f5f7a70c524bdd56642a2a3201dc0a3687 |
3.0.0.354170 |
flex-messaging-core.jar | 0b6e26f5f7a70c524bdd56642a2a3201dc0a3687 |
This hotfix resolves an issue associated with parsing crafted XML entities that could lead to information disclosure (CVE-2015-3269).