| VID |
22406 |
| Severity |
40 |
| Port |
8019 |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The Adobe Document/Graphics Server is vulnerable to multiple remote vulnerabilities which exist in versions prior to Reader Extensions 6.1. Adobe Document Server for Reader Extensions version 6.0, included with Adobe Graphics Server versions 2.0 and 2.1 and Adobe Document Server versions 5.0 and 6.0, is vulnerable to multiple vulnerabilities that may allow remote attackers to:
- perform cross-site scripting attacks
- gain access to potentially sensitive information
- bypass security restrictions to gain administrative access to the application.
* References:
http://www.adobe.com/support/techdocs/322699.html
http://www.adobe.com/support/techdocs/331915.html
http://www.adobe.com/support/techdocs/331917.html
http://secunia.com/secunia_research/2005-68/advisory/
http://secunia.com/advisories/15924/
* Platforms Affected:
Adobe Document Server 5.0, 6.0
Adobe Document Server for Reader Ext 6.0
Adobe Graphics Server 2.0, 2.1
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of Adobe Document Server for Read Extensions (6.1 or later) or the latest version of LiveCycle Reader Extensions (7.0 or later), as described in Adobe Support Knowledgebase Document 322699 at http://www.adobe.com/support/techdocs/322699.html |
| Related URL |
CVE-2006-1627,CVE-2006-1785,CVE-2006-1786,CVE-2006-1787,CVE-2006-1788 (CVE) |
| Related URL |
17500 (SecurityFocus) |
| Related URL |
25769,25770,25771,25772,25773 (ISS) |
|
