CVE-2006-1787

Currently unrated

Key Information:

Vendor: Adobe
Status: Document Server
Vendor: CVE Published:; 13 April 2006

Summary

Adobe Document Server for Reader Extensions 6.0 includes a user's session (jsession) ID in the HTTP Referer header, which allows remote attackers to gain access to PDF files that are being processed within that session.

References

http://www.securityfocus.com/archive/1/430869/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.adobe.com/support/techdocs/331915.html

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/25773

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Apr 13, 2006
Vulnerability Reserved
Apr 13, 2006