9.3
CVE-2008-4814
- EPSS 11.87%
- Veröffentlicht 05.11.2008 15:00:14
- Zuletzt bearbeitet 16.06.2026 22:58:35
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Unspecified vulnerability in a JavaScript method in Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allows remote attackers to execute arbitrary code via unknown vectors, related to an "input validation issue."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Acrobat Reader Version <= 8.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 11.87% | 0.956 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html
http://download.oracle.com/sunalerts/1019937.1.html
http://secunia.com/advisories/32700
http://secunia.com/advisories/32872
http://www.adobe.com/support/security/bulletins/apsb08-19.html
http://www.adobe.com/support/security/bulletins/apsb09-04.html
http://www.redhat.com/support/errata/RHSA-2008-0974.html
http://www.securitytracker.com/id?1021140
http://www.us-cert.gov/cas/techalerts/TA08-309A.html
http://www.vupen.com/english/advisories/2008/3001
http://www.vupen.com/english/advisories/2009/0098
http://www.securityfocus.com/bid/32100
http://www.skyrecon.com/index.php?option=com_content&task=view&id=302&Itemid=124
https://exchange.xforce.ibmcloud.com/vulnerabilities/46334