CVE-2008-2992 - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

CVE CVE-2008-2992
Status Candidate
Description Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.
Severity High
CVSS score 9,3
CVSS vector (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Phase Assigned (04.08.2011)
NVD: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2992
References BID : 30035
BID : 32091
BUGTRAQ : 20081104 CORE-2008-0526: Adobe Reader Javascript Printf Buffer Overflow
BUGTRAQ : 20081104 Secunia Research: Adobe Acrobat/Reader "util.printf()" Buffer Overflow
BUGTRAQ : 20081104 ZDI-08-072: Adobe Acrobat PDF Javascript printf Stack Overflow Vulnerability
CERT-VN : VU#593409
CERT : TA08-309A
CONFIRM : http://support.nortel.com/go/main.jsp?cscat=BLTNDE...
CONFIRM : http://support.nortel.com/go/main.jsp?cscat=BLTNDE...
CONFIRM : http://www.adobe.com/support/security/bulletins/ap...
MILW0RM : 6994
MILW0RM : 7006
MISC : http://secunia.com/secunia_research/2008-14/
MISC : http://www.coresecurity.com/content/adobe-reader-b...
MISC : http://www.zerodayinitiative.com/advisories/ZDI-08...
OSVDB : 49520
REDHAT : RHSA-2008:0974
SECUNIA : 29773
SECUNIA : 32700
SECUNIA : 32872
SECUNIA : 35163
SREASON : 4549
SUSE : SUSE-SR:2008:026
VUPEN : ADV-2008-3001
VUPEN : ADV-2009-0098
SecurityVulns: Adobe Acrobat / Reader multiple security vulnerabilities

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server