cbcvebase.
CVE-2008-0655
published 2008-02-07

CVE-2008-0655: Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.

PriorityP275high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-06-22
Exploited in the wild
EPSS
36.84%
98.3th percentile
Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.

Affected

4 ranges
VendorProductVersion rangeFixed in
adobeacrobat< 8.1.28.1.2
adobeacrobat<= 8.1.1
adobeacrobat_reader< 8.1.28.1.2
adobeacrobat_reader<= 8.1.1

Detection & IOCsextracted from sources · hover to see the quote

  • CVE-2008-0655 is exploited via specially crafted PDF files; the exploit is associated with the PDF collab.collectEmailInfo JavaScript method in Adobe Reader/Acrobat before 8.1.2
  • CVE-2008-0655 may subsume the silent print vulnerability via the DOC.print JavaScript API function — detect calls to DOC.print within PDF JavaScript for silent/non-interactive printing
  • CVE-2008-0655 may subsume arbitrary code execution via crafted PDF calling insecure JavaScript methods in the EScript.api plug-in — monitor for EScript.api JavaScript method abuse in PDF files
  • CVE-2008-0655 was packaged in the iPack exploit kit (starting ~$500), which booby-traps websites to deliver drive-by PDF exploits; hunt for iPack kit traffic patterns alongside other kit-delivered CVEs (CVE-2006-0003, CVE-2009-0927, CVE-2008-2992, CVE-2009-4324)
  • The vulnerability is described as a design flaw allowing a specially crafted PDF file to trigger silent printing an arbitrary number of times — flag PDF files invoking silent print behaviour as suspicious
  • ·CVE-2008-0655 is officially described as 'multiple unspecified vulnerabilities with unknown impact and attack vectors', making precise IOC extraction impossible from NVD alone; operational context is inferred from related CVEs noted as potentially subsumed by it

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vulncheck9.8CRITICAL
cisa9.8CRITICAL
vendor_redhat9.8CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.