Adobe Document Server 6.0 Extensions - 'AlterCast?op' Cross-Site Scripting

EDB-ID:

27637




Platform:

Multiple

Date:

2006-04-13


source: https://www.securityfocus.com/bid/17500/info
 
Adobe Document Server for Reader Extensions, included with Graphics Server and Document Server, is prone to multiple vulnerabilities that may allow remote attackers to:
 
- perform cross-site scripting attacks
- gain access to potentially sensitive information
- bypass security restrictions to gain administrative access to the application.
 
Adobe Document Server for Reader Extensions version 6.0, included with Adobe Graphics Server 2.1 and Adobe Document Server 6.0, is vulnerable; other versions may also be affected.

http://www.example.com:8019/altercast/AlterCast?op=[code]