Input Validation Issue in Adobe Reader and Acrobat by Adobe
CVE-2008-2641

Currently unrated

Key Information:

Vendor: Adobe
Status: Acrobat Reader; Acrobat 3d
Vendor: CVE Published:; 25 June 2008

Summary

An unspecified vulnerability in Adobe Reader and Acrobat versions 7.0.9 and earlier, as well as versions 8.0 through 8.1.2, allows remote attackers to exploit an input validation issue within a JavaScript method. This could result in a denial of service through application crashes or, in some cases, allow the execution of arbitrary code when malicious PDF files are opened, posing significant security risks to users.

References

http://www.vupen.com/english/advisories/2008/2289

vdb-entryx_refsource_VUPEN

http://www.vupen.com/english/advisories/2008/1906

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/43307

vdb-entryx_refsource_XF

EPSS Score

24% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 25, 2008
Vulnerability Reserved
Jun 9, 2008