CVE-2006-1627
Gravedad CVSS v2.0:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
13/04/2006
Última modificación:
03/04/2025
Descripción
*** Pendiente de traducción *** Adobe Document Server for Reader Extensions 6.0 does not provide proper access control, which allows remote authenticated users to perform privileged actions by modifying the (1) actionID and (2) pageID parameters. NOTE: due to an error during reservation, this identifier was inadvertently associated with multiple issues. Other CVE identifiers have been assigned to handle other problems that are covered by the same disclosure.
Impacto
Puntuación base 2.0
7.50
Gravedad 2.0
ALTA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:adobe:acrobat_reader:*:*:reader_extensions:*:*:*:*:* | 6.0 (incluyendo) |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- http://secunia.com/advisories/15924
- http://secunia.com/secunia_research/2005-68/advisory/
- http://securitytracker.com/id?1015905=
- http://www.adobe.com/support/techdocs/322699.html
- http://www.securityfocus.com/archive/1/430869/100/0/threaded
- http://www.securityfocus.com/bid/17500
- http://www.vupen.com/english/advisories/2006/1342
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25769
- http://secunia.com/advisories/15924
- http://secunia.com/secunia_research/2005-68/advisory/
- http://securitytracker.com/id?1015905=
- http://www.adobe.com/support/techdocs/322699.html
- http://www.securityfocus.com/archive/1/430869/100/0/threaded
- http://www.securityfocus.com/bid/17500
- http://www.vupen.com/english/advisories/2006/1342
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25769