CVE-2008-2641

Current Description

Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an "input validation issue in a JavaScript method."

Basic Data

PublishedJune 25, 2008
Last ModifiedAugust 08, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-noinfo
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score10.0
SeverityHIGH
Exploitability Score10.0
Impact Score10.0
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationAdobeAcrobat 3d7.0*professional*****
    2.3ApplicationAdobeAcrobat 3d7.0*standard*****
    2.3ApplicationAdobeAcrobat 3d7.0.0*professional*****
    2.3ApplicationAdobeAcrobat 3d7.0.0*standard*****
    2.3ApplicationAdobeAcrobat 3d7.0.1*professional*****
    2.3ApplicationAdobeAcrobat 3d7.0.1*standard*****
    2.3ApplicationAdobeAcrobat 3d7.0.2*professional*****
    2.3ApplicationAdobeAcrobat 3d7.0.2*standard*****
    2.3ApplicationAdobeAcrobat 3d7.0.3*professional*****
    2.3ApplicationAdobeAcrobat 3d7.0.3*standard*****
    2.3ApplicationAdobeAcrobat 3d7.0.4*professional*****
    2.3ApplicationAdobeAcrobat 3d7.0.4*standard*****
    2.3ApplicationAdobeAcrobat 3d7.0.5*professional*****
    2.3ApplicationAdobeAcrobat 3d7.0.5*standard*****
    2.3ApplicationAdobeAcrobat 3d7.0.6*professional*****
    2.3ApplicationAdobeAcrobat 3d7.0.6*standard*****
    2.3ApplicationAdobeAcrobat 3d7.0.7*professional*****
    2.3ApplicationAdobeAcrobat 3d7.0.7*standard*****
    2.3ApplicationAdobeAcrobat 3d7.0.8*professional*****
    2.3ApplicationAdobeAcrobat 3d7.0.8*standard*****
    2.3ApplicationAdobeAcrobat 3d7.0.9*professional*****
    2.3ApplicationAdobeAcrobat 3d7.0.9*standard*****
    2.3ApplicationAdobeAcrobat 3d8.1*professional*****
    2.3ApplicationAdobeAcrobat 3d8.1*standard*****
    2.3ApplicationAdobeAcrobat 3d8.1.1*professional*****
    2.3ApplicationAdobeAcrobat 3d8.1.1*standard*****
    2.3ApplicationAdobeAcrobat 3d8.1.2*professional*****
    2.3ApplicationAdobeAcrobat 3d8.1.2*standard*****
    2.3ApplicationAdobeAcrobat Reader3.0*******
    2.3ApplicationAdobeAcrobat Reader4.0*******
    2.3ApplicationAdobeAcrobat Reader4.0.5*******
    2.3ApplicationAdobeAcrobat Reader4.5*******
    2.3ApplicationAdobeAcrobat Reader5.0*******
    2.3ApplicationAdobeAcrobat Reader5.0.5*******
    2.3ApplicationAdobeAcrobat Reader5.0.6*******
    2.3ApplicationAdobeAcrobat Reader5.0.7*******
    2.3ApplicationAdobeAcrobat Reader5.0.9*******
    2.3ApplicationAdobeAcrobat Reader5.0.10*******
    2.3ApplicationAdobeAcrobat Reader5.0.11*******
    2.3ApplicationAdobeAcrobat Reader5.1*******
    2.3ApplicationAdobeAcrobat Reader6.0*******
    2.3ApplicationAdobeAcrobat Reader6.0.1*******
    2.3ApplicationAdobeAcrobat Reader6.0.2*******
    2.3ApplicationAdobeAcrobat Reader6.0.3*******
    2.3ApplicationAdobeAcrobat Reader6.0.4*******
    2.3ApplicationAdobeAcrobat Reader6.0.5*******
    2.3ApplicationAdobeAcrobat Reader7.0*******
    2.3ApplicationAdobeAcrobat Reader7.0.1*******
    2.3ApplicationAdobeAcrobat Reader7.0.2*******
    2.3ApplicationAdobeAcrobat Reader7.0.3*******
    2.3ApplicationAdobeAcrobat Reader7.0.4*******
    2.3ApplicationAdobeAcrobat Reader7.0.5*******
    2.3ApplicationAdobeAcrobat Reader7.0.6*******
    2.3ApplicationAdobeAcrobat Reader7.0.7*******
    2.3ApplicationAdobeAcrobat Reader7.0.8*******
    2.3ApplicationAdobeAcrobat Reader7.0.9*******
    2.3ApplicationAdobeAcrobat Reader8.0*******
    2.3ApplicationAdobeAcrobat Reader8.1*******
    2.3ApplicationAdobeAcrobat Reader8.1.1*******
    2.3ApplicationAdobeAcrobat Reader8.1.2*******

Vulnerable Software List

VendorProductVersions
Adobe Acrobat 3d 7.0, 7.0.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.0.9, 8.1, 8.1.1, 8.1.2
Adobe Acrobat Reader 3.0, 4.0, 4.0.5, 4.5, 5.0, 5.0.10, 5.0.11, 5.0.5, 5.0.6, 5.0.7, 5.0.9, 5.1, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 7.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.0.9, 8.0, 8.1, 8.1.1, 8.1.2

References

NameSourceURLTags
http://isc.sans.org/diary.html?storyid=4616http://isc.sans.org/diary.html?storyid=4616MISC
SUSE-SR:2008:016http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.htmlSUSE
30832http://secunia.com/advisories/30832SECUNIAPATCH Vendor Advisory
31136http://secunia.com/advisories/31136SECUNIA
31339http://secunia.com/advisories/31339SECUNIA
31352http://secunia.com/advisories/31352SECUNIA
31428http://secunia.com/advisories/31428SECUNIA
240106http://sunsolve.sun.com/search/document.do?assetkey=1-26-240106-1SUNALERT
http://www.adobe.com/support/security/bulletins/apsb08-15.htmlhttp://www.adobe.com/support/security/bulletins/apsb08-15.htmlCONFIRMPATCH
GLSA-200808-10http://www.gentoo.org/security/en/glsa/glsa-200808-10.xmlGENTOO
VU#788019http://www.kb.cert.org/vuls/id/788019CERT-VNUS Government Resource
RHSA-2008:0641http://www.redhat.com/support/errata/RHSA-2008-0641.htmlREDHAT
29908http://www.securityfocus.com/bid/29908BIDPATCH
1020352http://www.securitytracker.com/id?1020352SECTRACK
ADV-2008-1906http://www.vupen.com/english/advisories/2008/1906VUPEN
ADV-2008-2289http://www.vupen.com/english/advisories/2008/2289VUPEN
adobe-javascript-method-code-execution(43307)https://exchange.xforce.ibmcloud.com/vulnerabilities/43307XF