Input Validation Issue in Adobe Reader and Acrobat by Adobe
CVE-2008-2641

Currently unrated

Key Information:

Vendor: Adobe
Status: Acrobat Reader; Acrobat 3d
Vendor: CVE Published:; 25 June 2008

What is CVE-2008-2641?

An unspecified vulnerability in Adobe Reader and Acrobat versions 7.0.9 and earlier, as well as versions 8.0 through 8.1.2, allows remote attackers to exploit an input validation issue within a JavaScript method. This could result in a denial of service through application crashes or, in some cases, allow the execution of arbitrary code when malicious PDF files are opened, posing significant security risks to users.

References

http://www.vupen.com/english/advisories/2008/2289

vdb-entryx_refsource_VUPEN

http://www.vupen.com/english/advisories/2008/1906

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/43307

vdb-entryx_refsource_XF

EPSS Score

24% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2008
Vulnerability Reserved
Jun 9, 2008