Remote Code Execution Vulnerability in Adobe Content Server
CVE-2002-1019

Currently unrated

Key Information:

Vendor: Adobe
Status: Adobe Content Server
Vendor: CVE Published:; 4 October 2002

Summary

The Adobe Content Server 3.0 features a library function that can be exploited by a remote attacker through manipulation of the loanMin parameter in the download process. This flaw permits unauthorized eBook checkouts for arbitrary durations, potentially leading to abuse of the eBook lending system and unauthorized access to content.

References

http://archives.neohapsis.com/archives/vulnwatch/2002-q3/...

mailing-listx_refsource_VULNWATCH

http://marc.info/?l=vuln-dev&m=102650064028760&w=2

mailing-listx_refsource_BUGTRAQ

http://marc.info/?l=vuln-dev&m=102649215618643&w=2

mailing-listx_refsource_VULN-DEV

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Aug 27, 2002