CVE-2006-1788

medium

Description

Adobe Document Server for Reader Extensions 6.0, during log on, provides different error messages depending on whether the user ID is valid or invalid, which allows remote attackers to more easily identify valid user IDs via brute force attacks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/25772

http://www.vupen.com/english/advisories/2006/1342

http://www.securityfocus.com/bid/17500

http://www.securityfocus.com/archive/1/430869/100/0/threaded

http://www.adobe.com/support/techdocs/331917.html

http://secunia.com/secunia_research/2005-68/advisory/

http://secunia.com/advisories/15924

Details

Source: Mitre, NVD

Published: 2006-04-13

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Severity: Medium

Detections

Analytics