6.5 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.048 Low
EPSS
Percentile
92.6%
Adobe Document Server for Reader Extensions 6.0 does not provide proper access control, which allows remote authenticated users to perform privileged actions by modifying the (1) actionID and (2) pageID parameters. NOTE: due to an error during reservation, this identifier was inadvertently associated with multiple issues. Other CVE identifiers have been assigned to handle other problems that are covered by the same disclosure.
CPE | Name | Operator | Version |
---|---|---|---|
adobe:acrobat_reader | adobe acrobat reader | le | 6.0 |
secunia.com/advisories/15924
secunia.com/secunia_research/2005-68/advisory/
securitytracker.com/id?1015905
www.adobe.com/support/techdocs/322699.html
www.securityfocus.com/archive/1/430869/100/0/threaded
www.securityfocus.com/bid/17500
www.vupen.com/english/advisories/2006/1342
exchange.xforce.ibmcloud.com/vulnerabilities/25769