CVE-2006-1788
Severity Score
2.6
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Adobe Document Server for Reader Extensions 6.0, during log on, provides different error messages depending on whether the user ID is valid or invalid, which allows remote attackers to more easily identify valid user IDs via brute force attacks.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2006-04-13 CVE Reserved
- 2006-04-13 CVE Published
- 2024-08-02 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/archive/1/430869/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/17500 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2006/1342 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/25772 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.adobe.com/support/techdocs/331917.html | 2018-10-18 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/15924 | 2018-10-18 | |
| http://secunia.com/secunia_research/2005-68/advisory | 2018-10-18 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Adobe Search vendor "Adobe" | Document Server Search vendor "Adobe" for product "Document Server" | 6.0 Search vendor "Adobe" for product "Document Server" and version "6.0" | reader_extensions |
Affected
| ||||||