PT-2006-2779 · Adobe · Adobe Document Server For Reader Extensions
Published
2006-04-13
·
Updated
2018-10-18
·
CVE-2006-1788
CVSS v2.0
2.6
Low
| Vector | AV:N/AC:H/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Adobe Document Server for Reader Extensions version 6.0
Description
The issue allows remote attackers to more easily identify valid user IDs via brute force attacks because it provides different error messages depending on whether the
user id is valid or invalid during log on.Recommendations
For Adobe Document Server for Reader Extensions version 6.0, consider implementing measures to make error messages more generic to prevent attackers from distinguishing between valid and invalid
user id inputs.Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Adobe Document Server For Reader Extensions