CVE-2006-1182

high

Description

Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Document Server (ADS) 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the (1) saveContent or (2) saveOptimized ADS commands, or the (3) loadContent command.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/25247

http://www.vupen.com/english/advisories/2006/0956

http://www.securityfocus.com/bid/17113

http://www.securityfocus.com/archive/1/427730/100/0/threaded

http://www.osvdb.org/23924

http://www.adobe.com/support/techdocs/332989.html

http://securitytracker.com/id?1015769

http://securitytracker.com/id?1015768

http://securityreason.com/securityalert/588

http://secunia.com/advisories/19229

Details

Source: Mitre, NVD

Published: 2006-03-16

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 2.6

Vector: CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:N

Severity: Low

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High