7.5

CVE-2006-1627

Adobe Document Server for Reader Extensions 6.0 does not provide proper access control, which allows remote authenticated users to perform privileged actions by modifying the (1) actionID and (2) pageID parameters.  NOTE: due to an error during reservation, this identifier was inadvertently associated with multiple issues.  Other CVE identifiers have been assigned to handle other problems that are covered by the same disclosure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeAcrobat Reader Editionreader_extensions Version <= 6.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.27% 0.898
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/15924
Vendor Advisory
http://secunia.com/secunia_research/2005-68/advisory/
Vendor Advisory
http://securitytracker.com/id?1015905
http://www.adobe.com/support/techdocs/322699.html
http://www.securityfocus.com/archive/1/430869/100/0/threaded
http://www.securityfocus.com/bid/17500
http://www.vupen.com/english/advisories/2006/1342
https://exchange.xforce.ibmcloud.com/vulnerabilities/25769