RSS   Podatności dla 'Document server'   RSS

2006-04-13
 
CVE-2006-1788

CWE-Other
 

 
Adobe Document Server for Reader Extensions 6.0, during log on, provides different error messages depending on whether the user ID is valid or invalid, which allows remote attackers to more easily identify valid user IDs via brute force attacks.

 
 
CVE-2006-1787

CWE-Other
 

 
Adobe Document Server for Reader Extensions 6.0 includes a user's session (jsession) ID in the HTTP Referer header, which allows remote attackers to gain access to PDF files that are being processed within that session.

 
 
CVE-2006-1786

CWE-Other
 

 
Cross-site scripting (XSS) vulnerability in Adobe Document Server for Reader Extensions 6.0 allows remote attackers to inject arbitrary web script or HTML via (1) the actionID parameter in ads-readerext and (2) the op parameter in AlterCast. NOTE: it is not clear whether the vendor advisory addresses this issue.

 
 
CVE-2006-1785

CWE-Other
 

 
Adobe Document Server for Reader Extensions 6.0 allows remote authenticated users to inject arbitrary web script via a leading (1) ftp or (2) http URI in the ReaderURL variable in the "Update Download Site" section of ads-readerext. NOTE: it is not clear whether the vendor advisory addresses this issue. In addition, since the issue requires administrative privileges to exploit, it is not clear whether this crosses security boundaries.

 
2006-03-15
 
CVE-2006-1182

CWE-Other
 

 
Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Document Server (ADS) 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the (1) saveContent or (2) saveOptimized ADS commands, or the (3) loadContent command.

 

 >>> Vendor: Adobe 146 Produkty
Framemaker
Coldfusion
Dreamweaver
Acrobat reader
Studio
JRUN
Acrobat
Acrobat business tools
Flash
Flash player
Digital editions
Adobe content server
Shockwave
Photodeluxe
Director
Contribute
Creative suite
Photoshop
Premiere
Svg viewer
Version cue
Shockwave player
Flash media server
Captivate
Elicensing
Fireworks
Freehand
FLEX
Illustrator
Indesign
Pagemaker
Document server
Graphics server
Livecycle form manager
Download manager
Flex sdk
Breeze licensed server
Adobe php ria sdk
Acrobat 3d
AIR
Bridge
Robohelp
Robohelp server
Golive
Photoshop elements
Adobe air
Connect enterprise server
Flash media server 2
Form client
Form designer
Reader
Livecycle workflow
Flex builder
Presenter
Commerce
Flash playe for linux
Flash player for linux
Blazeds
Flex data services
Lifecycle
Lifecycle data services
Photoshop cs4
Indesign cs3
Device central cs5
Premier pro cs4
Onlocation cs4
Indesign cs4
Extension manager cs5
Extendedscript toolkit cs5
Audition
Connect
Livecycle
Livecycle data services
Adobe reader
Flash player for android
Flash cs3
Flash cs4
Flash cs5.5
Illustrator cs5.5
Photoshop cs5.5
Adobe air sdk
Photoshop cs6
Livecycle designer es2
Livecycle designer
Device central cs4
Camera raw
Acrobat r2000eader
Adobe air sdk and compiler
Phonegap
Photoshop cs5
Photoshop cs5.1
Air sdk
Air sdk & compiler
Air sdk and compiler
Photoshop cc
Acrobat dc
Acrobat reader dc
Premiere clip
Air sdk \& compiler
Experience manager
Zobacz wszystkie produkty dla producenta Adobe


Copyright 2024, cxsecurity.com

 

Back to Top