CVE-2006-1786

Currently unrated

Key Information:

Vendor: Adobe
Status: Document Server
Vendor: CVE Published:; 13 April 2006

Summary

Cross-site scripting (XSS) vulnerability in Adobe Document Server for Reader Extensions 6.0 allows remote attackers to inject arbitrary web script or HTML via (1) the actionID parameter in ads-readerext and (2) the op parameter in AlterCast. NOTE: it is not clear whether the vendor advisory addresses this issue.

References

http://www.securityfocus.com/archive/1/430869/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.osvdb.org/24589

vdb-entryx_refsource_OSVDB

http://www.adobe.com/support/techdocs/322699.html

x_refsource_MISC

Timeline

Vulnerability published
Apr 13, 2006
Vulnerability Reserved
Apr 13, 2006