Vulnerability Description
The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Adobe Content Server | 3.0 |
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0020.htmlVendor Advisory
- http://marc.info/?l=vuln-dev&m=102649215618643&w=2
- http://marc.info/?l=vuln-dev&m=102650064028760&w=2
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0020.htmlVendor Advisory
- http://marc.info/?l=vuln-dev&m=102649215618643&w=2
- http://marc.info/?l=vuln-dev&m=102650064028760&w=2
FAQ
What is CVE-2002-1020?
CVE-2002-1020 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the ser...
How severe is CVE-2002-1020?
CVE-2002-1020 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1020?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Adobe Content Server.