Vulnerability CVE-2008-2641


Published: 2008-06-25   Modified: 2012-02-12

Description:
Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an "input validation issue in a JavaScript method."

Type:

CWE-noinfo

Vendor: Adobe
Product: Acrobat 3d 
Version:
8.1.2
8.1.1
8.1
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
7.0
Product: Acrobat reader 
Version:
8.1.2
8.1.1
8.1
8.0
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0
5.1
5.0.9
5.0.7
5.0.6
5.0.5
5.0.11
5.0.10
5.0
4.5
4.0.5
4.0
3.0

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://www.kb.cert.org/vuls/id/788019
http://www.securityfocus.com/bid/29908
http://www.adobe.com/support/security/bulletins/apsb08-15.html
http://secunia.com/advisories/30832
http://xforce.iss.net/xforce/xfdb/43307
http://www.vupen.com/english/advisories/2008/2289
http://www.vupen.com/english/advisories/2008/1906
http://www.securitytracker.com/id?1020352
http://www.redhat.com/support/errata/RHSA-2008-0641.html
http://www.gentoo.org/security/en/glsa/glsa-200808-10.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-240106-1
http://secunia.com/advisories/31428
http://secunia.com/advisories/31352
http://secunia.com/advisories/31339
http://secunia.com/advisories/31136
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html
http://isc.sans.org/diary.html?storyid=4616

Related CVE
CVE-2018-19719
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier h...
CVE-2018-19718
Adobe Connect versions 9.8.1 and earlier have a session token exposure vulnerability. Successful exploitation could lead to exposure of the privileges granted to a session.
CVE-2018-19714
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier h...
CVE-2018-19712
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier h...
CVE-2018-19706
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier h...
CVE-2018-19705
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier h...
CVE-2018-19704
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier h...
CVE-2018-19703
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier h...

Copyright 2019, cxsecurity.com

 

Back to Top