CVE-2008-4812

Published Nov 5, 2008

Last updated 6 years ago

Overview

Description: Array index error in Adobe Reader and Acrobat, and the Explorer extension (aka AcroRd32Info), 8.1.2, 8.1.1, and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that triggers an out-of-bounds write, related to parsing of Type 1 fonts.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:adobe:acrobat:*:unknown:3d:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3E09C95-5726-486C-86C6-F1E98D281DDD",
            "versionEndIncluding": "8.1.2"
          },
          {
            "criteria": "cpe:2.3:a:adobe:acrobat:*:unknown:professional:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF117631-0095-4139-AFAC-D2C9050674AD",
            "versionEndIncluding": "8.1.2"
          },
          {
            "criteria": "cpe:2.3:a:adobe:acrobat:*:unknown:standard:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AA6AB66-8399-41E9-9688-7EEC083AFEBB",
            "versionEndIncluding": "8.1.2"
          },
          {
            "criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8665E53-EC1E-4B95-9064-2565BC12113E"
          },
          {
            "criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:unknown:3d:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C05B37C5-3043-4398-B009-7FFD5AF9D9FA"
          },
          {
            "criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:unknown:professional:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73AE4111-A2AD-41A6-9F74-6C5DCBAD7B4C"
          },
          {
            "criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:unknown:standard:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A72B429E-3C05-49A2-8097-72D968473B3A"
          },
          {
            "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "612599DD-94C9-4ECF-8986-C3BF355779B4",
            "versionEndIncluding": "8.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References