Lucene search

[email protected]NVD:CVE-2008-2992

HistoryNov 04, 2008 - 6:29 p.m.

CVE-2008-2992

2008-11-0418:29:47

CWE-119

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.972 High

EPSS

Percentile

99.8%

JSON

Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.

Affected configurations

NVD

Node

adobeacrobatRange≤8.1.2

adobeacrobatMatch3.0

adobeacrobatMatch3.1

adobeacrobatMatch4.0

adobeacrobatMatch4.0.5

adobeacrobatMatch4.0.5a

adobeacrobatMatch4.0.5c

adobeacrobatMatch5.0

adobeacrobatMatch5.0.5

adobeacrobatMatch5.0.6

adobeacrobatMatch5.0.10

adobeacrobatMatch6.0

adobeacrobatMatch6.0.1

adobeacrobatMatch6.0.2

adobeacrobatMatch6.0.3

adobeacrobatMatch6.0.4

adobeacrobatMatch6.0.5

adobeacrobatMatch7.0

adobeacrobatMatch7.0.1

adobeacrobatMatch7.0.2

adobeacrobatMatch7.0.3

adobeacrobatMatch7.0.4

adobeacrobatMatch7.0.5

adobeacrobatMatch7.0.6

adobeacrobatMatch7.0.7

adobeacrobatMatch7.0.8

adobeacrobatMatch7.0.9

adobeacrobatMatch8.0

adobeacrobatMatch8.1

adobeacrobatMatch8.1.1

adobeacrobat_readerRange≤8.1.2

adobeacrobat_readerMatch3.0

adobeacrobat_readerMatch4.0

adobeacrobat_readerMatch4.0.5

adobeacrobat_readerMatch4.0.5a

adobeacrobat_readerMatch4.0.5c

adobeacrobat_readerMatch4.5

adobeacrobat_readerMatch5.0

adobeacrobat_readerMatch5.0.5

adobeacrobat_readerMatch5.0.6

adobeacrobat_readerMatch5.0.7

adobeacrobat_readerMatch5.0.9

adobeacrobat_readerMatch5.0.10

adobeacrobat_readerMatch5.0.11

adobeacrobat_readerMatch5.1

adobeacrobat_readerMatch6.0

adobeacrobat_readerMatch6.0.1

adobeacrobat_readerMatch6.0.2

adobeacrobat_readerMatch6.0.3

adobeacrobat_readerMatch6.0.4

adobeacrobat_readerMatch6.0.5

adobeacrobat_readerMatch7.0

adobeacrobat_readerMatch7.0.1

adobeacrobat_readerMatch7.0.2

adobeacrobat_readerMatch7.0.3

adobeacrobat_readerMatch7.0.4

adobeacrobat_readerMatch7.0.5

adobeacrobat_readerMatch7.0.6

adobeacrobat_readerMatch7.0.7

adobeacrobat_readerMatch7.0.8

adobeacrobat_readerMatch7.0.9

adobeacrobat_readerMatch8.0

adobeacrobat_readerMatch8.1

adobeacrobat_readerMatch8.1.1

References

download.oracle.com/sunalerts/1019937.1.html

lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html

osvdb.org/49520

secunia.com/advisories/29773

secunia.com/advisories/32700

secunia.com/advisories/32872

secunia.com/advisories/35163

secunia.com/secunia_research/2008-14/

securityreason.com/securityalert/4549

support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801

support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=909609

www.adobe.com/support/security/bulletins/apsb08-19.html

www.coresecurity.com/content/adobe-reader-buffer-overflow

www.kb.cert.org/vuls/id/593409

www.redhat.com/support/errata/RHSA-2008-0974.html

www.securityfocus.com/archive/1/498027/100/0/threaded

www.securityfocus.com/archive/1/498032/100/0/threaded

www.securityfocus.com/archive/1/498055/100/0/threaded

www.securityfocus.com/bid/30035

www.securityfocus.com/bid/32091

www.securitytracker.com/id?1021140

www.us-cert.gov/cas/techalerts/TA08-309A.html

www.vupen.com/english/advisories/2008/3001

www.vupen.com/english/advisories/2009/0098

www.zerodayinitiative.com/advisories/ZDI-08-072/

www.exploit-db.com/exploits/6994

www.exploit-db.com/exploits/7006

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.972 High

EPSS

Percentile

99.8%

JSON

Related for NVD:CVE-2008-2992