CVE-2008-2641 — Improper Input Validation in Adobe Acrobat 3D

CWE-20 — Improper Input Validation5 documents5 sources

Severity

10.0CRITICALNVD

EPSS

42.0%

top 2.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Acrobat 3D Adobe Acrobat Reader

Timeline

PublishedJun 25

Latest updateMay 1

Description

Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an "input validation issue in a JavaScript method."

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDadobe/acrobat_reader32 versions+31

▶NVDadobe/acrobat_3d14 versions+13

Patches

Patch: secunia.com ↗Patch: www.adobe.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-g44h-jfwm-hrw7: Unspecified vulnerability in Adobe Reader and Acrobat 7↗2022-05-01

▶

VulnCheck

Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2 Input Validation in a JavaScript Method Vulnerability↗2008

▶

📋Vendor Advisories

Red Hat

acroread: input validation issue in a JavaScript method↗2008-06-23

▶

💬Community

Bugzilla

CVE-2008-2641 acroread: input validation issue in a JavaScript method↗2008-06-24

▶