Описание
Adobe Document Server for Reader Extensions 6.0 includes a user's session (jsession) ID in the HTTP Referer header, which allows remote attackers to gain access to PDF files that are being processed within that session.
Adobe Document Server for Reader Extensions 6.0 includes a user's session (jsession) ID in the HTTP Referer header, which allows remote attackers to gain access to PDF files that are being processed within that session.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-1787
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25773
- http://secunia.com/advisories/15924
- http://secunia.com/secunia_research/2005-68/advisory
- http://www.adobe.com/support/techdocs/322699.html
- http://www.adobe.com/support/techdocs/331915.html
- http://www.securityfocus.com/archive/1/430869/100/0/threaded
- http://www.securityfocus.com/bid/17500
- http://www.vupen.com/english/advisories/2006/1342
EPSS
Процентиль: 82%
0.01773
Низкий
CVE ID
Связанные уязвимости
nvd
больше 19 лет назад
Adobe Document Server for Reader Extensions 6.0 includes a user's session (jsession) ID in the HTTP Referer header, which allows remote attackers to gain access to PDF files that are being processed within that session.
EPSS
Процентиль: 82%
0.01773
Низкий