| ID |
CVE-2006-1182
|
| Summary |
Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Document Server (ADS) 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the (1) saveContent or (2) saveOptimized ADS commands, or the (3) loadContent command. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:adobe:document_server:5.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:document_server:5.0:*:*:*:*:*:*:*
-
cpe:2.3:a:adobe:document_server:6.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:document_server:6.0:*:*:*:*:*:*:*
-
cpe:2.3:a:adobe:graphics_server:2.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:graphics_server:2.0:*:*:*:*:*:*:*
-
cpe:2.3:a:adobe:graphics_server:2.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:graphics_server:2.1:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 2.6 (as of 18-10-2018 - 16:31) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
HIGH |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
NONE |
|
| cvss-vector
via4
|
AV:L/AC:H/Au:N/C:P/I:P/A:N
|
| refmap
via4
|
| bid | 17113 | | bugtraq | 20060315 Secunia Research: Adobe Document/Graphics Server File URI ResourceAccess | | confirm | http://www.adobe.com/support/techdocs/332989.html | | osvdb | 23924 | | sectrack | | | secunia | 19229 | | sreason | 588 | | vupen | ADV-2006-0956 | | xf | adobe-unauth-command-access(25247) |
|
| Last major update |
18-10-2018 - 16:31 |
| Published |
16-03-2006 - 01:02 |
| Last modified |
18-10-2018 - 16:31 |
