- Description
- Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Document Server (ADS) 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the (1) saveContent or (2) saveOptimized ADS commands, or the (3) loadContent command.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 2.6
- Impact score
- 4.9
- Exploitability score
- 1.9
- Vector string
- AV:L/AC:H/Au:N/C:P/I:P/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:document_server:5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5134806E-933A-420A-AE8B-F8A4491C21B4"
},
{
"criteria": "cpe:2.3:a:adobe:document_server:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2BD4A8E3-DF14-43DE-9B36-52A82B8E8869"
},
{
"criteria": "cpe:2.3:a:adobe:graphics_server:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2855B3E0-230A-407A-8B20-05BA79084C82"
},
{
"criteria": "cpe:2.3:a:adobe:graphics_server:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0404AFA3-6E18-40FA-9DA8-AD33F023CD49"
}
],
"operator": "OR"
}
]
}
]