Vulnerabilities > CVE-2006-1627 - Unspecified vulnerability in Adobe Acrobat Reader
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN adobe
nessus
Summary
Adobe Document Server for Reader Extensions 6.0 does not provide proper access control, which allows remote authenticated users to perform privileged actions by modifying the (1) actionID and (2) pageID parameters. NOTE: due to an error during reservation, this identifier was inadvertently associated with multiple issues. Other CVE identifiers have been assigned to handle other problems that are covered by the same disclosure.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | CGI abuses |
NASL id | ADOBE_DOCUMENT_SERVER_61.NASL |
description | The remote host is running Adobe Document Server, a server that dynamically creates and manipulates PDF documents as well as graphic images. The version of Adobe Document Server installed on the remote host includes the Adobe Document Server for Reader Extensions component, which itself is affected by several issues : - Missing Access Controls An authenticated user can gain access to functionality to which they should not have access by manipulating the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 21220 |
published | 2006-04-14 |
reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/21220 |
title | Adobe Document Server for Reader Extensions < 6.1 Multiple Vulnerabilities |
code |
|
References
- http://secunia.com/advisories/15924
- http://secunia.com/advisories/15924
- http://secunia.com/secunia_research/2005-68/advisory/
- http://secunia.com/secunia_research/2005-68/advisory/
- http://securitytracker.com/id?1015905
- http://securitytracker.com/id?1015905
- http://www.adobe.com/support/techdocs/322699.html
- http://www.adobe.com/support/techdocs/322699.html
- http://www.securityfocus.com/archive/1/430869/100/0/threaded
- http://www.securityfocus.com/archive/1/430869/100/0/threaded
- http://www.securityfocus.com/bid/17500
- http://www.securityfocus.com/bid/17500
- http://www.vupen.com/english/advisories/2006/1342
- http://www.vupen.com/english/advisories/2006/1342
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25769
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25769