Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > April 2006 > Adobe Security Bulletins: * Adobe Document Server for Reader Extensions 6.0 * Adobe Livecycle Workflow 7.01 and Adobe Livecycle FormManager 7.01

April 2006

Adobe Security Bulletins: * Adobe Document Server for Reader Extensions 6.0 * Adobe Livecycle Workflow 7.01 and Adobe Livecycle FormManager 7.01

ID: 00282
Ref: 281/2006
Date: 13 April 2006:10:29:00
Version: 1
Title: Adobe Security Bulletins: * Adobe Document Server for Reader Extensions 6.0 * Adobe Livecycle Workflow 7.01 and Adobe Livecycle FormManager 7.01
Abstract:
Vendors affected: Adobe
Operating systems affected: Adobe
Applications affected: Adobe
Title
=====

Adobe Security Bulletins:
* Adobe Document Server for Reader Extensions 6.0
* Adobe Livecycle Workflow 7.01 and Adobe Livecycle FormManager 7.01

Detail
======

Adobe has been made aware of potential vulnerabilities related to
user authentication management within Adobe Document Server for Reader
Extensions 6.0. These potential vulnerabilities could enable
disclosure of Adobe Document Server for Reader Extensions
authentication credentials during use of the product.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Adobe Security Bulletins:

* Adobe Document Server for Reader Extensions 6.0
* Adobe Livecycle Workflow 7.01 and Adobe Livecycle FormManager 7.01


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

APSB06-05 # User authentication management vulnerabilities in Adobe
Document Server for Reader Extensions 6.0

Originally posted: April 12, 2006

Summary:
Adobe has been made aware of potential vulnerabilities related to
user authentication management within Adobe Document Server for Reader
Extensions 6.0. These potential vulnerabilities could enable
disclosure of Adobe Document Server for Reader Extensions
authentication credentials during use of the product.

Severity Rating:
Adobe categorizes this issue as an important issue and recommends
that affected users upgrade to a more recent version of the Adobe
Document Server for Reader Extensions:
http://www.adobe.com/support/security/severity_ratings.html

Learn more:
http://www.adobe.com/support/techdocs/322699.html

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

APSB06-06 - LiveCycle information disclosure to OBSOLETE users

Originally posted: April 12, 2006

Summary:
Adobe has been made aware of a potential vulnerability in LiveCycle
user authorization management that could enable disclosure of LiveCycle
data to users who have been marked OBSOLETE.

Severity Rating:
Adobe categorizes this issue as a moderate issue and recommends
that this upgrade by applied to affected systems:
http://www.adobe.com/support/security/severity_ratings.html

Learn more:
http://www.adobe.com/support/techdocs/333036.html

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ANY INFORMATION, PATCHES, DOWNLOADS, WORKAROUNDS, OR FIXES
PROVIDED BY ADOBE IN THIS BULLETIN ARE PROVIDED "AS IS"
WITHOUT WARRANTY OF ANY KIND. ADOBE AND ITS SUPPLIERS
DISCLAIM ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED OR
OTHERWISE, INCLUDING THE WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE. ALSO, THERE IS NO
WARRANTY OF NON-INFRINGEMENT, TITLE, OR QUIET ENJOYMENT.
(USA ONLY) SOME STATES DO NOT ALLOW THE EXCLUSION OF
IMPLIED WARRANTIES, SO THE ABOVE EXCLUSION MAY NOT APPLY
TO YOU. IN NO EVENT SHALL ADOBE, INC. OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT
LIMITATION, DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL,
SPECIAL, PUNITIVE, COVER, LOSS OF PROFITS, BUSINESS
INTERRUPTION, OR THE LIKE, OR LOSS OF BUSINESS DAMAGES,
BASED ON ANY THEORY OF LIABILITY INCLUDING BREACH OF
CONTRACT, BREACH OF WARRANTY, TORT (INCLUDING NEGLIGENCE),
PRODUCT LIABILITY OR OTHERWISE, EVEN IF ADOBE, INC. OR ITS
SUPPLIERS OR THEIR REPRESENTATIVES HAVE BEEN ADVISED OF
THE POSSIBILITY OF SUCH DAMAGES. (USA ONLY) SOME STATES
DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR
CONSEQUENTIAL OR INCIDENTAL DAMAGES, SO THE ABOVE EXCLUSION
OR LIMITATION MAY NOT APPLY TO YOU AND YOU MAY ALSO HAVE
OTHER LEGAL RIGHTS THAT VARY FROM STATE TO STATE.

Adobe reserves the right, from time to time, to update
the information in this document with current information.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This is a security message from Adobe Systems Incorporated,
its subsidiaries, and affiliates ("Adobe"), 345 Park Avenue,
San Jose, CA 95110 USA.

Your privacy is important to us. Please review Adobe's
online Privacy Policy by clicking here:
http://www.adobe.com/misc/privacy.html


  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |