ID CVE-2006-1788
Summary Adobe Document Server for Reader Extensions 6.0, during log on, provides different error messages depending on whether the user ID is valid or invalid, which allows remote attackers to more easily identify valid user IDs via brute force attacks.
References
Vulnerable Configurations
  • cpe:2.3:a:adobe:document_server:6.0:*:reader_extensions:*:*:*:*:*
    cpe:2.3:a:adobe:document_server:6.0:*:reader_extensions:*:*:*:*:*
CVSS
Base: 2.6 (as of 18-10-2018 - 16:36)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:H/Au:N/C:P/I:N/A:N
refmap via4
bid 17500
bugtraq 20060413 Secunia Research: Adobe Document Server for Reader ExtensionsMultiple Vulnerabilities
confirm http://www.adobe.com/support/techdocs/331917.html
misc http://secunia.com/secunia_research/2005-68/advisory/
secunia 15924
vupen ADV-2006-1342
xf adobe-error-account-enumeration(25772)
Last major update 18-10-2018 - 16:36
Published 13-04-2006 - 22:02
Last modified 18-10-2018 - 16:36
Back to Top