CVE-2006-1627
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/04/2006
Last modified:
03/04/2025
Description
Adobe Document Server for Reader Extensions 6.0 does not provide proper access control, which allows remote authenticated users to perform privileged actions by modifying the (1) actionID and (2) pageID parameters. NOTE: due to an error during reservation, this identifier was inadvertently associated with multiple issues. Other CVE identifiers have been assigned to handle other problems that are covered by the same disclosure.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:adobe:acrobat_reader:*:*:reader_extensions:*:*:*:*:* | 6.0 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/15924
- http://secunia.com/secunia_research/2005-68/advisory/
- http://securitytracker.com/id?1015905=
- http://www.adobe.com/support/techdocs/322699.html
- http://www.securityfocus.com/archive/1/430869/100/0/threaded
- http://www.securityfocus.com/bid/17500
- http://www.vupen.com/english/advisories/2006/1342
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25769
- http://secunia.com/advisories/15924
- http://secunia.com/secunia_research/2005-68/advisory/
- http://securitytracker.com/id?1015905=
- http://www.adobe.com/support/techdocs/322699.html
- http://www.securityfocus.com/archive/1/430869/100/0/threaded
- http://www.securityfocus.com/bid/17500
- http://www.vupen.com/english/advisories/2006/1342
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25769