Lucene search

[email protected]CVE-2006-1787

HistoryApr 13, 2006 - 10:02 p.m.

CVE-2006-1787

2006-04-1322:02:00

[email protected]

web.nvd.nist.gov

adobe

document server

reader extensions

cve-2006-1787

security

vulnerability

pdf

remote attack

session id

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.2%

JSON

Adobe Document Server for Reader Extensions 6.0 includes a user’s session (jsession) ID in the HTTP Referer header, which allows remote attackers to gain access to PDF files that are being processed within that session.

Affected configurations

NVD

Node

adobedocument_serverMatch6.0reader_extensions

CPENameOperatorVersion
adobe:document_serveradobe document servereq6.0

CPE	Name	Operator	Version
adobe:document_server	adobe document server	eq	6.0

References

secunia.com/advisories/15924

secunia.com/secunia_research/2005-68/advisory/

www.adobe.com/support/techdocs/322699.html

www.adobe.com/support/techdocs/331915.html

www.securityfocus.com/archive/1/430869/100/0/threaded

www.securityfocus.com/bid/17500

www.vupen.com/english/advisories/2006/1342

exchange.xforce.ibmcloud.com/vulnerabilities/25773

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.2%

JSON

Related for CVE-2006-1787

prion1 cvelist1 nvd1 nessus1