Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2008:0974
HistoryNov 12, 2008 - 12:00 a.m.

(RHSA-2008:0974) Critical: acroread security update

2008-11-1200:00:00
access.redhat.com
22

EPSS

0.975

Percentile

100.0%

JSON

Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).

Several input validation flaws were discovered in Adobe Reader. A malicious
PDF file could cause Adobe Reader to crash or, potentially, execute
arbitrary code as the user running Adobe Reader. (CVE-2008-2549,
CVE-2008-2992, CVE-2008-4812, CVE-2008-4813, CVE-2008-4814, CVE-2008-4817)

The Adobe Reader binary had an insecure relative RPATH (runtime library
search path) set in the ELF (Executable and Linking Format) header. A local
attacker able to convince another user to run Adobe Reader in an
attacker-controlled directory could run arbitrary code with the privileges
of the victim. (CVE-2008-4815)

All acroread users are advised to upgrade to these updated packages, that
contain Adobe Reader version 8.1.3, and are not vulnerable to these issues.

Related

nessus 17
openvas 15
gentoo 2
seebug 6
securityvulns 13
cvelist 9
prion 9
nvd 9
cve 9
ubuntucve 6
metasploit 4
exploitpack 2
saint 8
threatpost 6
checkpoint_advisories 5
packetstorm 3
canvas 2
zdi 4
cert 1
symantec 1
cisa_kev 2
exploitdb 6
attackerkb 2
coresecurity 1
thn 2
suse 1
nessus
nessus
RHEL 3 / 4 / 5 : acroread (RHSA-2008:0974)
2009-08-24 00:00:00
GLSA-200901-09 : Adobe Reader: User-assisted execution of arbitrary code
2009-01-14 00:00:00
SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 5746)
2008-11-24 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200901-09 (acroread)
2009-01-20 00:00:00
Gentoo Security Advisory GLSA 200901-09 (acroread)
2009-01-20 00:00:00
Adobe Reader/Acrobat Multiple Vulnerabilities - Nov08 (Windows)
2008-11-05 00:00:00
gentoo
gentoo
Adobe Reader: User-assisted execution of arbitrary code
2009-01-13 00:00:00
Adobe Reader: User-assisted execution of arbitrary code
2009-04-18 00:00:00
seebug
seebug
Adobe Acrobat和Reader 8.1.2多个安全漏洞
2008-11-06 00:00:00
NOS Microsystems getPlus ActiveX控件缓冲区溢出漏洞
2008-11-07 00:00:00
Adobe Acrobat/Reader < 7.1.1/8.1.3/9.1 - Collab getIcon Universal Exploit
2014-07-01 00:00:00
securityvulns
securityvulns
Adobe Acrobat / Reader multiple security vulnerabilities
2008-11-05 00:00:00
iDefense Security Advisory 11.04.08: Multiple Vendor NOS Microsystems getPlus Downloader Stack Buffer Overflow Vulnerability
2008-11-10 00:00:00
iDefense Security Advisory 11.04.08: Adobe Acrobat And Reader AcroJS Heap Corruption Vulnerability
2008-11-05 00:00:00
cvelist
cvelist
CVE-2008-4817
2008-11-05 14:51:00
CVE-2008-4812
2008-11-05 14:51:00
CVE-2008-2549
2008-06-04 19:17:00
prion
prion
Design/Logic Flaw
2008-11-05 15:00:00
Out-of-bounds
2008-11-05 15:00:00
Input validation
2008-11-05 15:00:00
nvd
nvd
CVE-2008-4817
2008-11-05 15:00:14
CVE-2008-4814
2008-11-05 15:00:14
CVE-2008-4812
2008-11-05 15:00:14
cve
cve
CVE-2008-4814
2008-11-05 15:00:14
CVE-2008-4812
2008-11-05 15:00:14
CVE-2008-4817
2008-11-05 15:00:14
ubuntucve
ubuntucve
CVE-2008-4814
2008-11-05 00:00:00
CVE-2008-4817
2008-11-05 00:00:00
CVE-2008-4815
2008-11-05 00:00:00
metasploit
metasploit
Adobe Collab.getIcon() Buffer Overflow
2009-03-28 07:40:29
Adobe Collab.getIcon() Buffer Overflow
2009-03-28 07:40:29
Adobe util.printf() Buffer Overflow
2008-12-03 16:19:25
exploitpack
exploitpack
Adobe AcrobatReader 7.1.18.1.39.1 - Collab getIcon Universal
2009-09-03 00:00:00
Adobe Reader - util.printf() JavaScript Function Stack Overflow (2)
2008-11-05 00:00:00
saint
saint
Adobe Acrobat JavaScript getIcon method buffer overflow
2009-03-27 00:00:00
Adobe Acrobat JavaScript getIcon method buffer overflow
2009-03-27 00:00:00
Adobe Acrobat JavaScript getIcon method buffer overflow
2009-03-27 00:00:00
threatpost
threatpost
New PDF Attack Targets Aviation Defense Industry
2012-09-13 19:46:42
PBS Website Compromised, Used to Serve Exploits
2009-09-23 22:41:03
Free Beacon Article Redirects to ZeroAccess Rootkit, Fake AV
2013-06-10 16:17:14
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat PDF Font Processing Memory Corruption (CVE-2008-4813)
2010-03-08 00:00:00
Adobe Acrobat JavaScript getIcon Method Buffer Overflow (CVE-2009-0927)
2009-10-08 00:00:00
Adobe Acrobat JavaScript getIcon Method Buffer Overflow - Ver2 (CVE-2009-0927)
2014-03-31 00:00:00
packetstorm
packetstorm
Adobe Collab.getIcon() Buffer Overflow
2009-11-26 00:00:00
adobe-printf.txt
2008-11-06 00:00:00
Adobe util.printf() Buffer Overflow
2009-11-26 00:00:00
canvas
canvas
Immunity Canvas: ACROBAT_JS4
2009-03-19 10:30:00
Immunity Canvas: ACROBAT_JS3
2008-11-04 18:29:00
zdi
zdi
Adobe Acrobat getIcon() Stack Overflow Vulnerability
2009-03-24 00:00:00
Adobe Acrobat PDF Javascript printf Stack Overflow Vulnerability
2008-11-04 00:00:00
Adobe Acrobat Reader Malformed PDF Code Execution Vulnerability
2008-11-04 00:00:00
cert
cert
Adobe Reader and Acrobat util.printf() JavaScript function stack buffer overflow
2008-11-04 00:00:00
symantec
symantec
Adobe Acrobat and Reader Collab 'getIcon()' JavaScript Method Remote Code Execution Vulnerability
2009-03-18 00:00:00
cisa_kev
cisa_kev
Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability
2022-03-25 00:00:00
Adobe Reader and Acrobat Input Validation Vulnerability
2022-03-03 00:00:00
exploitdb
exploitdb
Adobe Acrobat/Reader &lt; 7.1.1/8.1.3/9.1 - Collab getIcon Universal
2009-09-03 00:00:00
Adobe - &#039;Collab.getIcon()&#039; Local Buffer Overflow (Metasploit) (2)
2010-09-25 00:00:00
Adobe - &#039;util.printf()&#039; Local Buffer Overflow (Metasploit) (1)
2010-05-03 00:00:00
attackerkb
attackerkb
CVE-2009-0927
2009-03-19 00:00:00
CVE-2008-2992
2008-11-04 00:00:00
coresecurity
coresecurity
Adobe Reader Javascript Printf Buffer Overflow
2008-11-04 00:00:00
thn
thn
Phoenix Exploit's Kit 2.8 mini version
2011-10-12 17:41:00
Bleeding Life 2 Exploit Pack Released
2011-10-24 04:30:00
suse
suse
remote code execution in acroread
2009-03-27 15:24:52

EPSS

0.975

Percentile

100.0%

JSON
Related for RHSA-2008:0974
nessus17openvas15gentoo2seebug6securityvulns13cvelist9prion9nvd9cve9ubuntucve6metasploit4exploitpack2saint8threatpost6checkpoint_advisories5packetstorm3canvas2zdi4cert1symantec1cisa_kev2exploitdb6attackerkb2coresecurity1thn2suse1