Adobe Document Server for Reader Extensions における特権アクションを実行される脆弱性
| Title |
Adobe Document Server for Reader Extensions における特権アクションを実行される脆弱性
|
| Summary |
Adobe Document Server for Reader Extensions には、特権アクションを実行される脆弱性が存在します。
|
| Possible impacts |
リモート認証されたユーザにより、特権アクションを実行される可能性があります。 |
| Solution |
ベンダ情報および参考情報を参照して適切な対策を実施してください。 |
| Publication Date |
April 13, 2006, midnight |
| Registration Date |
Dec. 26, 2013, 3:44 p.m. |
| Last Update |
Dec. 26, 2013, 3:44 p.m. |
|
CVSS2.0 : 危険
|
| Score |
7.5
|
| Vector |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
Affected System
| アドビシステムズ |
|
Adobe Document Server for Reader Extensions 6.0
|
CVE (情報セキュリティ 共通脆弱性識別子)
Change Log
| No |
Changed Details |
Date of change |
| 0 |
[2013年12月26日]
掲載 |
Feb. 17, 2018, 10:37 a.m. |
NVD Vulnerability Information
CVE-2006-1627
| Summary |
Adobe Document Server for Reader Extensions 6.0 does not provide proper access control, which allows remote authenticated users to perform privileged actions by modifying the (1) actionID and (2) pageID parameters. NOTE: due to an error during reservation, this identifier was inadvertently associated with multiple issues. Other CVE identifiers have been assigned to handle other problems that are covered by the same disclosure.
|
| Publication Date |
April 14, 2006, 3:02 a.m. |
| Registration Date |
Jan. 29, 2021, 3:34 p.m. |
| Last Update |
Oct. 19, 2018, 1:33 a.m. |
Affected software configurations
| Configuration1 |
or higher |
or less |
more than |
less than |
| cpe:2.3:a:adobe:acrobat_reader:*:*:reader_extensions:*:*:*:*:* |
|
6.0 |
|
|
Related information, measures and tools
Common Vulnerabilities List