CVE-2006-1182
First published: Thu Mar 16 2006(Updated: )
Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Document Server (ADS) 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the (1) saveContent or (2) saveOptimized ADS commands, or the (3) loadContent command.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Graphics Server | =2.1 | |
| Adobe Document Server | =5.0 | |
| Adobe Graphics Server | =2.0 | |
| Adobe Document Server | =6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.adobe.com/support/techdocs/332989.html
- http://www.securityfocus.com/bid/17113
- http://securitytracker.com/id?1015769
- http://secunia.com/advisories/19229
- http://securitytracker.com/id?1015768
- http://www.osvdb.org/23924
- http://securityreason.com/securityalert/588
- http://www.vupen.com/english/advisories/2006/0956
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25247
- http://www.securityfocus.com/archive/1/427730/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2006-1182?
CVE-2006-1182 has been classified as a high-severity vulnerability due to its potential for local file access and arbitrary file overwrite.
How do I fix CVE-2006-1182?
To fix CVE-2006-1182, update to the latest versions of Adobe Graphics Server and Adobe Document Server, as the vulnerability has been addressed in those updates.
Who is affected by CVE-2006-1182?
CVE-2006-1182 affects local users of Adobe Graphics Server versions 2.0 and 2.1, and Adobe Document Server versions 5.0 and 6.0.
What types of files can be accessed due to CVE-2006-1182?
CVE-2006-1182 allows local users to read files with certain extensions on the affected systems.
What kind of attack is possible with CVE-2006-1182?
CVE-2006-1182 could enable an attacker to execute arbitrary code through crafted SOAP requests targeting the affected Adobe services.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/remedy
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/event
- agent/description
- agent/first-publish-date
- agent/tags
- agent/source
- vendor/adobe
- canonical/adobe graphics server
- version/adobe graphics server/2.1
- canonical/adobe document server
- version/adobe document server/5.0
- version/adobe graphics server/2.0
- version/adobe document server/6.0