Vulnerability CVE-2008-2641


Published: 2008-06-25   Modified: 2011-03-07

Description:
Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an "input validation issue in a JavaScript method."

Type:

CWE-noinfo

Vendor: Adobe
Product: Acrobat 3d 
Version:
8.1.2
8.1.1
8.1
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
7.0
Product: Acrobat reader 
Version:
8.1.2
8.1.1
8.1
8.0
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0
5.1
5.0.9
5.0.7
5.0.6
5.0.5
5.0.11
5.0.10
5.0
4.5
4.0.5
4.0
3.0

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://www.kb.cert.org/vuls/id/788019
http://www.securityfocus.com/bid/29908
http://www.adobe.com/support/security/bulletins/apsb08-15.html
http://secunia.com/advisories/30832
http://xforce.iss.net/xforce/xfdb/43307
http://www.vupen.com/english/advisories/2008/2289
http://www.vupen.com/english/advisories/2008/1906
http://www.securitytracker.com/id?1020352
http://www.redhat.com/support/errata/RHSA-2008-0641.html
http://www.gentoo.org/security/en/glsa/glsa-200808-10.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-240106-1
http://secunia.com/advisories/31428
http://secunia.com/advisories/31352
http://secunia.com/advisories/31339
http://secunia.com/advisories/31136
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html
http://isc.sans.org/diary.html?storyid=4616

Related CVE
CVE-2017-3124
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the picture exchange (PCX) file format parsing module. Successful e...
CVE-2017-3123
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Forma...
CVE-2017-3122
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Forma...
CVE-2017-3119
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in Acrobat/Reader 11.0.19 engine. Successful exploitation could lead t...
CVE-2017-3120
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA parsing engine when handling certain types of internal instruc...
CVE-2017-3121
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Enhanced Metafile Format (EMF) parser. Successful exploitation ...
CVE-2017-3117
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the plugin that handles links within the PDF. Successful exploitation c...
CVE-2017-3116
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the MakeAccessible plugin when parsing TrueType font data. Successf...

Copyright 2017, cxsecurity.com

 

Back to Top