9.3

CVE-2008-4812

Array index error in Adobe Reader and Acrobat, and the Explorer extension (aka AcroRd32Info), 8.1.2, 8.1.1, and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that triggers an out-of-bounds write, related to parsing of Type 1 fonts.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeAcrobat Updateunknown Edition3d Version <= 8.1.2
AdobeAcrobat Updateunknown Editionprofessional Version <= 8.1.2
AdobeAcrobat Updateunknown Editionstandard Version <= 8.1.2
AdobeAcrobat Version8.1.1
AdobeAcrobat Version8.1.1 Updateunknown Edition3d
AdobeAcrobat Version8.1.1 Updateunknown Editionprofessional
AdobeAcrobat Version8.1.1 Updateunknown Editionstandard
AdobeAcrobat Reader Version <= 8.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 8.8% 0.945
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801
http://download.oracle.com/sunalerts/1019937.1.html
http://secunia.com/advisories/32700
http://secunia.com/advisories/32872
http://secunia.com/advisories/35163
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=909609
http://www.adobe.com/support/security/bulletins/apsb08-19.html
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0974.html
http://www.securitytracker.com/id?1021140
http://www.us-cert.gov/cas/techalerts/TA08-309A.html
US Government Resource
http://www.vupen.com/english/advisories/2008/3001
http://www.vupen.com/english/advisories/2009/0098
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=755
http://www.securityfocus.com/bid/32100
https://exchange.xforce.ibmcloud.com/vulnerabilities/46332