Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1182

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2006-1182
Last Modified 07 Mar 2011 09:32:20
Published 15 Mar 2006 08:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2006-1182

Summary

Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Document Server (ADS) 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the (1) saveContent or (2) saveOptimized ADS commands, or the (3) loadContent command.

Vulnerable Systems

Application

  • Adobe Document Server 5.0

  • Adobe Document Server 6.0

  • Adobe Graphics Server 2.0

  • Adobe Graphics Server 2.1


References

BID - 17113

BUGTRAQ - 20060315 Secunia Research: Adobe Document/Graphics Server File URI ResourceAccess

CONFIRM - http://www.adobe.com/support/techdocs/332989.html

SECTRACK - 1015769

SECUNIA - 19229

XF - adobe-unauth-command-access(25247)

VUPEN - ADV-2006-0956

OSVDB - 23924

SECTRACK - 1015768

SREASON - 588


Last Updated: 27 May 2016 10:41:58