Vulnerability CVE-2006-1628
Published: 2006-04-13   Modified: 2012-02-12

Description:
Adobe LiveCycle Workflow 7.01 and LiveCycle Forum Manager 7.01 allows users to authenticate and perform privileged actions when their account is marked "OBSOLETE" but the account is also active, within the authentication system.

CVSS2 => (AV:N/AC:H/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Remote
High
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Adobe -> Livecycle form manager 

 References:
http://www.adobe.com/support/techdocs/333036.html
http://secunia.com/advisories/19620
http://www.vupen.com/english/advisories/2006/1343
http://xforce.iss.net/xforce/xfdb/25779
http://www.securityfocus.com/bid/17511
http://securitytracker.com/id?1015906
Copyright 2024, cxsecurity.com

 

Back to Top