CVE-2008-0726 — Out-of-bounds Write in Adobe Acrobat

CWE-1894 documents4 sources

Severity

9.3CRITICALNVD

EPSS

9.4%

top 7.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Acrobat Adobe Acrobat Reader

Timeline

PublishedFeb 12

Latest updateMay 1

Description

Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

▶NVDadobe/acrobat_reader8.1.1

▶NVDadobe/acrobat8.1.1

Patches

Patch: www.adobe.com ↗Patch: www.adobe.com ↗

🔴Vulnerability Details

GHSA

GHSA-xw2j-g93q-hj2g: Integer overflow in Adobe Reader and Acrobat 8↗2022-05-01

▶

📋Vendor Advisories

Red Hat

Acroread memory corruption↗2008-02-11

▶

💬Community

Bugzilla

CVE-2008-0726 Acroread memory corruption↗2008-02-14

▶