cbcvebase.
CVE-2008-2549
published 2008-06-04

CVE-2008-2549: Adobe Acrobat Reader 8.1.2 and earlier, and before 7.1.1, allows remote attackers to cause a denial of service (application crash) and possibly execute…

PriorityP340medium4.3CVSS 2.0
AVNACMAuNCNINAP
EXPLOIT
EPSS
41.25%
98.5th percentile
Adobe Acrobat Reader 8.1.2 and earlier, and before 7.1.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed PDF document, as demonstrated by 2008-HI2.pdf.

Affected

32 ranges· showing 25
VendorProductVersion rangeFixed in
adobeacrobat_reader<= 8.1.2
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader
adobeacrobat_reader

Detection & IOCsextracted from sources · hover to see the quote

filename2008-HI2.pdf
urlhttps://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/5687.pdf
  • Crash occurs at instruction pointer 0x00414141 within AcroRd32 — indicative of EIP/PC control via malformed PDF; monitor AcroRd32.exe crashes at this address as a exploitation signal.
  • Flag delivery of PDF files that trigger crashes in Adobe Acrobat Reader 8.1.2 and earlier (pre-8.1.3) or pre-7.1.1; correlate with process crash telemetry for AcroRd32.exe.
  • ·Vulnerability is confirmed fixed in Adobe Acrobat Reader 8.1.3; detections targeting vulnerable versions should scope to 8.1.2 and earlier, and pre-7.1.1 builds.

CVSS provenance

nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
vendor_redhat4.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.