cvelistv5 - cve-2008-2641

CVE-2008-2641 (GCVE-0-2008-2641)

Vulnerability from cvelistv5

Published

2008-06-25 10:00

Modified

2024-08-07 09:05

Severity ?

CWE

Summary

Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an "input validation issue in a JavaScript method."

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

gsd-2008-2641

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2008-2641

Aliases

CVE-2008-2641

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-2641",
    "description": "Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an \"input validation issue in a JavaScript method.\"",
    "id": "GSD-2008-2641",
    "references": [
      "https://www.suse.com/security/cve/CVE-2008-2641.html",
      "https://access.redhat.com/errata/RHSA-2008:0641"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-2641"
      ],
      "details": "Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an \"input validation issue in a JavaScript method.\"",
      "id": "GSD-2008-2641",
      "modified": "2023-12-13T01:23:01.081135Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-2641",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an \"input validation issue in a JavaScript method.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ADV-2008-2289",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/2289"
          },
          {
            "name": "ADV-2008-1906",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/1906"
          },
          {
            "name": "adobe-javascript-method-code-execution(43307)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43307"
          },
          {
            "name": "1020352",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1020352"
          },
          {
            "name": "http://isc.sans.org/diary.html?storyid=4616",
            "refsource": "MISC",
            "url": "http://isc.sans.org/diary.html?storyid=4616"
          },
          {
            "name": "29908",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/29908"
          },
          {
            "name": "SUSE-SR:2008:016",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html"
          },
          {
            "name": "VU#788019",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/788019"
          },
          {
            "name": "30832",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30832"
          },
          {
            "name": "31352",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/31352"
          },
          {
            "name": "240106",
            "refsource": "SUNALERT",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240106-1"
          },
          {
            "name": "http://www.adobe.com/support/security/bulletins/apsb08-15.html",
            "refsource": "CONFIRM",
            "url": "http://www.adobe.com/support/security/bulletins/apsb08-15.html"
          },
          {
            "name": "GLSA-200808-10",
            "refsource": "GENTOO",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200808-10.xml"
          },
          {
            "name": "RHSA-2008:0641",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0641.html"
          },
          {
            "name": "31136",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/31136"
          },
          {
            "name": "31428",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/31428"
          },
          {
            "name": "31339",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/31339"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.3:*:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.4:*:professional:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.7:*:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.8:*:professional:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:8.1.1:*:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:8.1.2:*:professional:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.0:*:professional:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.0:*:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.4:*:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.5:*:professional:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.8:*:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.9:*:professional:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:8.1.2:*:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:8.1:*:professional:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:8.1:*:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.2:*:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.3:*:professional:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.6:*:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.7:*:professional:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0:*:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:8.1.1:*:professional:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:4.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.1:*:professional:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.1:*:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.2:*:professional:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.5:*:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.6:*:professional:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0.9:*:standard:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_3d:7.0:*:professional:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:5.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:6.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:7.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-2641"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an \"input validation issue in a JavaScript method.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://isc.sans.org/diary.html?storyid=4616",
              "refsource": "MISC",
              "tags": [],
              "url": "http://isc.sans.org/diary.html?storyid=4616"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb08-15.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://www.adobe.com/support/security/bulletins/apsb08-15.html"
            },
            {
              "name": "29908",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/29908"
            },
            {
              "name": "30832",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/30832"
            },
            {
              "name": "31352",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/31352"
            },
            {
              "name": "31428",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/31428"
            },
            {
              "name": "240106",
              "refsource": "SUNALERT",
              "tags": [],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240106-1"
            },
            {
              "name": "31136",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/31136"
            },
            {
              "name": "VU#788019",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/788019"
            },
            {
              "name": "31339",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/31339"
            },
            {
              "name": "SUSE-SR:2008:016",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html"
            },
            {
              "name": "GLSA-200808-10",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200808-10.xml"
            },
            {
              "name": "RHSA-2008:0641",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0641.html"
            },
            {
              "name": "1020352",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1020352"
            },
            {
              "name": "ADV-2008-1906",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/1906"
            },
            {
              "name": "ADV-2008-2289",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/2289"
            },
            {
              "name": "adobe-javascript-method-code-execution(43307)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43307"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-08T01:31Z",
      "publishedDate": "2008-06-25T12:36Z"
    }
  }
}

rhsa-2008:0641

Vulnerability from csaf_redhat

Published

2008-07-21 13:44

Modified

2025-11-08 03:23

Summary

Red Hat Security Advisory: acroread security update

Notes

Topic

Updated acroread packages that fix various security issues are now available for Red Hat Enterprise Linux 3 Extras, 4 Extras, and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team.

Details

Adobe Acrobat Reader allows users to view and print documents in Portable Document Format (PDF). An input validation flaw was discovered in a JavaScript engine used by Acrobat Reader. A malicious PDF file could cause Acrobat Reader to crash or, potentially, execute arbitrary code as the user running Acrobat Reader. (CVE-2008-2641) An insecure temporary file usage issue was discovered in the Acrobat Reader "acroread" startup script. A local attacker could potentially overwrite arbitrary files that were writable by the user running Acrobat Reader, if the victim ran "acroread" with certain command line arguments. (CVE-2008-0883) All acroread users are advised to upgrade to these updated packages, that contain Acrobat Reader version 8.1.2 Security Update 1, and are not vulnerable to these issues.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated acroread packages that fix various security issues are now\navailable for Red Hat Enterprise Linux 3 Extras, 4 Extras, and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Adobe Acrobat Reader allows users to view and print documents in Portable\nDocument Format (PDF).\n\nAn input validation flaw was discovered in a JavaScript engine used by\nAcrobat Reader. A malicious PDF file could cause Acrobat Reader to crash\nor, potentially, execute arbitrary code as the user running Acrobat Reader.\n(CVE-2008-2641)\n\nAn insecure temporary file usage issue was discovered in the Acrobat Reader\n\"acroread\" startup script. A local attacker could potentially overwrite\narbitrary files that were writable by the user running Acrobat Reader, if\nthe victim ran \"acroread\" with certain command line arguments.\n(CVE-2008-0883)\n\nAll acroread users are advised to upgrade to these updated packages, that\ncontain Acrobat Reader version 8.1.2 Security Update 1, and are not\nvulnerable to these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2008:0641",
        "url": "https://access.redhat.com/errata/RHSA-2008:0641"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#critical",
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "436263",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436263"
      },
      {
        "category": "external",
        "summary": "452632",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=452632"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0641.json"
      }
    ],
    "title": "Red Hat Security Advisory: acroread security update",
    "tracking": {
      "current_release_date": "2025-11-08T03:23:59+00:00",
      "generator": {
        "date": "2025-11-08T03:23:59+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2008:0641",
      "initial_release_date": "2008-07-21T13:44:00+00:00",
      "revision_history": [
        {
          "date": "2008-07-21T13:44:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2008-07-21T09:44:21+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-08T03:23:59+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 4 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 4 Extras",
                  "product_id": "4AS-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 4 Extras",
                "product": {
                  "name": "Red Hat Desktop version 4 Extras",
                  "product_id": "4Desktop-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 4 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 4 Extras",
                  "product_id": "4ES-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 4 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 4 Extras",
                  "product_id": "4WS-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
                  "product_id": "5Client-Supplementary",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
                  "product_id": "5Server-Supplementary",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:5::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 3 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 3 Extras",
                  "product_id": "3AS-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 3 Extras",
                "product": {
                  "name": "Red Hat Desktop version 3 Extras",
                  "product_id": "3Desktop-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 3 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 3 Extras",
                  "product_id": "3ES-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 3 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 3 Extras",
                  "product_id": "3WS-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux Supplementary"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
                "product": {
                  "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
                  "product_id": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread-plugin@8.1.2.SU1-2.el4?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "acroread-0:8.1.2.SU1-2.el4.i386",
                "product": {
                  "name": "acroread-0:8.1.2.SU1-2.el4.i386",
                  "product_id": "acroread-0:8.1.2.SU1-2.el4.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread@8.1.2.SU1-2.el4?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "acroread-plugin-0:8.1.2.SU1-2.el5.i386",
                "product": {
                  "name": "acroread-plugin-0:8.1.2.SU1-2.el5.i386",
                  "product_id": "acroread-plugin-0:8.1.2.SU1-2.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread-plugin@8.1.2.SU1-2.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "acroread-0:8.1.2.SU1-2.el5.i386",
                "product": {
                  "name": "acroread-0:8.1.2.SU1-2.el5.i386",
                  "product_id": "acroread-0:8.1.2.SU1-2.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread@8.1.2.SU1-2.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "acroread-0:8.1.2.SU1-2.i386",
                "product": {
                  "name": "acroread-0:8.1.2.SU1-2.i386",
                  "product_id": "acroread-0:8.1.2.SU1-2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread@8.1.2.SU1-2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "acroread-plugin-0:8.1.2.SU1-2.i386",
                "product": {
                  "name": "acroread-plugin-0:8.1.2.SU1-2.i386",
                  "product_id": "acroread-plugin-0:8.1.2.SU1-2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread-plugin@8.1.2.SU1-2?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux AS version 3 Extras",
          "product_id": "3AS-LACD:acroread-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3AS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux AS version 3 Extras",
          "product_id": "3AS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3AS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.i386 as a component of Red Hat Desktop version 3 Extras",
          "product_id": "3Desktop-LACD:acroread-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3Desktop-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.i386 as a component of Red Hat Desktop version 3 Extras",
          "product_id": "3Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3Desktop-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux ES version 3 Extras",
          "product_id": "3ES-LACD:acroread-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3ES-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux ES version 3 Extras",
          "product_id": "3ES-LACD:acroread-plugin-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3ES-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux WS version 3 Extras",
          "product_id": "3WS-LACD:acroread-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3WS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux WS version 3 Extras",
          "product_id": "3WS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3WS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
          "product_id": "4AS-LACD:acroread-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4AS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
          "product_id": "4AS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4AS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Desktop version 4 Extras",
          "product_id": "4Desktop-LACD:acroread-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4Desktop-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Desktop version 4 Extras",
          "product_id": "4Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4Desktop-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
          "product_id": "4ES-LACD:acroread-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4ES-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
          "product_id": "4ES-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4ES-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
          "product_id": "4WS-LACD:acroread-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4WS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
          "product_id": "4WS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4WS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
          "product_id": "5Client-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el5.i386",
        "relates_to_product_reference": "5Client-Supplementary"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
          "product_id": "5Client-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el5.i386",
        "relates_to_product_reference": "5Client-Supplementary"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
          "product_id": "5Server-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el5.i386",
        "relates_to_product_reference": "5Server-Supplementary"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
          "product_id": "5Server-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el5.i386",
        "relates_to_product_reference": "5Server-Supplementary"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2008-0883",
      "discovery_date": "2008-02-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "436263"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "acroread: insecure handling of temporary files",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw.",
          "title": "Statement"
        }
      ],
      "product_status": {
        "fixed": [
          "3AS-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3AS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3Desktop-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3ES-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3ES-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3WS-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3WS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "4AS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4AS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4Desktop-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4ES-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4ES-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4WS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4WS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "5Client-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
          "5Client-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386",
          "5Server-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
          "5Server-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-0883"
        },
        {
          "category": "external",
          "summary": "RHBZ#436263",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436263"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-0883",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-0883"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0883",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0883"
        }
      ],
      "release_date": "2008-02-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2008-07-21T13:44:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "3AS-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3AS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3Desktop-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3ES-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3ES-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3WS-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3WS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "4AS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4AS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4Desktop-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4ES-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4ES-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4WS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4WS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "5Client-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
            "5Client-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386",
            "5Server-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
            "5Server-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0641"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "acroread: insecure handling of temporary files"
    },
    {
      "cve": "CVE-2008-2641",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2008-06-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "452632"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an \"input validation issue in a JavaScript method.\"",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "acroread: input validation issue in a JavaScript method",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "3AS-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3AS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3Desktop-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3ES-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3ES-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3WS-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3WS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "4AS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4AS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4Desktop-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4ES-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4ES-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4WS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4WS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "5Client-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
          "5Client-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386",
          "5Server-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
          "5Server-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-2641"
        },
        {
          "category": "external",
          "summary": "RHBZ#452632",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=452632"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-2641",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-2641"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2641",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2641"
        }
      ],
      "release_date": "2008-06-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2008-07-21T13:44:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "3AS-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3AS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3Desktop-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3ES-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3ES-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3WS-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3WS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "4AS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4AS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4Desktop-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4ES-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4ES-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4WS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4WS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "5Client-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
            "5Client-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386",
            "5Server-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
            "5Server-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0641"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "acroread: input validation issue in a JavaScript method"
    }
  ]
}

rhsa-2008_0641

Vulnerability from csaf_redhat

Published

2008-07-21 13:44

Modified

2024-11-14 10:06

Summary

Red Hat Security Advisory: acroread security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated acroread packages that fix various security issues are now\navailable for Red Hat Enterprise Linux 3 Extras, 4 Extras, and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Adobe Acrobat Reader allows users to view and print documents in Portable\nDocument Format (PDF).\n\nAn input validation flaw was discovered in a JavaScript engine used by\nAcrobat Reader. A malicious PDF file could cause Acrobat Reader to crash\nor, potentially, execute arbitrary code as the user running Acrobat Reader.\n(CVE-2008-2641)\n\nAn insecure temporary file usage issue was discovered in the Acrobat Reader\n\"acroread\" startup script. A local attacker could potentially overwrite\narbitrary files that were writable by the user running Acrobat Reader, if\nthe victim ran \"acroread\" with certain command line arguments.\n(CVE-2008-0883)\n\nAll acroread users are advised to upgrade to these updated packages, that\ncontain Acrobat Reader version 8.1.2 Security Update 1, and are not\nvulnerable to these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2008:0641",
        "url": "https://access.redhat.com/errata/RHSA-2008:0641"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#critical",
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "436263",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436263"
      },
      {
        "category": "external",
        "summary": "452632",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=452632"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0641.json"
      }
    ],
    "title": "Red Hat Security Advisory: acroread security update",
    "tracking": {
      "current_release_date": "2024-11-14T10:06:26+00:00",
      "generator": {
        "date": "2024-11-14T10:06:26+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.0"
        }
      },
      "id": "RHSA-2008:0641",
      "initial_release_date": "2008-07-21T13:44:00+00:00",
      "revision_history": [
        {
          "date": "2008-07-21T13:44:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2008-07-21T09:44:21+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-14T10:06:26+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 4 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 4 Extras",
                  "product_id": "4AS-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 4 Extras",
                "product": {
                  "name": "Red Hat Desktop version 4 Extras",
                  "product_id": "4Desktop-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 4 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 4 Extras",
                  "product_id": "4ES-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 4 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 4 Extras",
                  "product_id": "4WS-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
                  "product_id": "5Client-Supplementary",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
                  "product_id": "5Server-Supplementary",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:5::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 3 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 3 Extras",
                  "product_id": "3AS-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 3 Extras",
                "product": {
                  "name": "Red Hat Desktop version 3 Extras",
                  "product_id": "3Desktop-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 3 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 3 Extras",
                  "product_id": "3ES-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 3 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 3 Extras",
                  "product_id": "3WS-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux Supplementary"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
                "product": {
                  "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
                  "product_id": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread-plugin@8.1.2.SU1-2.el4?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "acroread-0:8.1.2.SU1-2.el4.i386",
                "product": {
                  "name": "acroread-0:8.1.2.SU1-2.el4.i386",
                  "product_id": "acroread-0:8.1.2.SU1-2.el4.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread@8.1.2.SU1-2.el4?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "acroread-plugin-0:8.1.2.SU1-2.el5.i386",
                "product": {
                  "name": "acroread-plugin-0:8.1.2.SU1-2.el5.i386",
                  "product_id": "acroread-plugin-0:8.1.2.SU1-2.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread-plugin@8.1.2.SU1-2.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "acroread-0:8.1.2.SU1-2.el5.i386",
                "product": {
                  "name": "acroread-0:8.1.2.SU1-2.el5.i386",
                  "product_id": "acroread-0:8.1.2.SU1-2.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread@8.1.2.SU1-2.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "acroread-0:8.1.2.SU1-2.i386",
                "product": {
                  "name": "acroread-0:8.1.2.SU1-2.i386",
                  "product_id": "acroread-0:8.1.2.SU1-2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread@8.1.2.SU1-2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "acroread-plugin-0:8.1.2.SU1-2.i386",
                "product": {
                  "name": "acroread-plugin-0:8.1.2.SU1-2.i386",
                  "product_id": "acroread-plugin-0:8.1.2.SU1-2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread-plugin@8.1.2.SU1-2?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux AS version 3 Extras",
          "product_id": "3AS-LACD:acroread-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3AS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux AS version 3 Extras",
          "product_id": "3AS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3AS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.i386 as a component of Red Hat Desktop version 3 Extras",
          "product_id": "3Desktop-LACD:acroread-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3Desktop-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.i386 as a component of Red Hat Desktop version 3 Extras",
          "product_id": "3Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3Desktop-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux ES version 3 Extras",
          "product_id": "3ES-LACD:acroread-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3ES-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux ES version 3 Extras",
          "product_id": "3ES-LACD:acroread-plugin-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3ES-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux WS version 3 Extras",
          "product_id": "3WS-LACD:acroread-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3WS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux WS version 3 Extras",
          "product_id": "3WS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3WS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
          "product_id": "4AS-LACD:acroread-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4AS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
          "product_id": "4AS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4AS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Desktop version 4 Extras",
          "product_id": "4Desktop-LACD:acroread-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4Desktop-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Desktop version 4 Extras",
          "product_id": "4Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4Desktop-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
          "product_id": "4ES-LACD:acroread-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4ES-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
          "product_id": "4ES-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4ES-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
          "product_id": "4WS-LACD:acroread-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4WS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
          "product_id": "4WS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4WS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
          "product_id": "5Client-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el5.i386",
        "relates_to_product_reference": "5Client-Supplementary"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
          "product_id": "5Client-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el5.i386",
        "relates_to_product_reference": "5Client-Supplementary"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
          "product_id": "5Server-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el5.i386",
        "relates_to_product_reference": "5Server-Supplementary"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
          "product_id": "5Server-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el5.i386",
        "relates_to_product_reference": "5Server-Supplementary"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2008-0883",
      "discovery_date": "2008-02-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "436263"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "acroread: insecure handling of temporary files",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw.",
          "title": "Statement"
        }
      ],
      "product_status": {
        "fixed": [
          "3AS-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3AS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3Desktop-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3ES-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3ES-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3WS-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3WS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "4AS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4AS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4Desktop-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4ES-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4ES-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4WS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4WS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "5Client-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
          "5Client-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386",
          "5Server-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
          "5Server-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-0883"
        },
        {
          "category": "external",
          "summary": "RHBZ#436263",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436263"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-0883",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-0883"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0883",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0883"
        }
      ],
      "release_date": "2008-02-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2008-07-21T13:44:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "3AS-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3AS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3Desktop-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3ES-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3ES-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3WS-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3WS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "4AS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4AS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4Desktop-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4ES-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4ES-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4WS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4WS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "5Client-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
            "5Client-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386",
            "5Server-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
            "5Server-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0641"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "acroread: insecure handling of temporary files"
    },
    {
      "cve": "CVE-2008-2641",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2008-06-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "452632"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an \"input validation issue in a JavaScript method.\"",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "acroread: input validation issue in a JavaScript method",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "3AS-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3AS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3Desktop-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3ES-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3ES-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3WS-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3WS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "4AS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4AS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4Desktop-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4ES-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4ES-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4WS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4WS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "5Client-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
          "5Client-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386",
          "5Server-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
          "5Server-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-2641"
        },
        {
          "category": "external",
          "summary": "RHBZ#452632",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=452632"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-2641",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-2641"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2641",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2641"
        }
      ],
      "release_date": "2008-06-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2008-07-21T13:44:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "3AS-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3AS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3Desktop-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3ES-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3ES-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3WS-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3WS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "4AS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4AS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4Desktop-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4ES-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4ES-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4WS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4WS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "5Client-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
            "5Client-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386",
            "5Server-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
            "5Server-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0641"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "acroread: input validation issue in a JavaScript method"
    }
  ]
}

RHSA-2008:0641

Vulnerability from csaf_redhat

Published

2008-07-21 13:44

Modified

2025-11-08 03:23

Summary

Red Hat Security Advisory: acroread security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated acroread packages that fix various security issues are now\navailable for Red Hat Enterprise Linux 3 Extras, 4 Extras, and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Adobe Acrobat Reader allows users to view and print documents in Portable\nDocument Format (PDF).\n\nAn input validation flaw was discovered in a JavaScript engine used by\nAcrobat Reader. A malicious PDF file could cause Acrobat Reader to crash\nor, potentially, execute arbitrary code as the user running Acrobat Reader.\n(CVE-2008-2641)\n\nAn insecure temporary file usage issue was discovered in the Acrobat Reader\n\"acroread\" startup script. A local attacker could potentially overwrite\narbitrary files that were writable by the user running Acrobat Reader, if\nthe victim ran \"acroread\" with certain command line arguments.\n(CVE-2008-0883)\n\nAll acroread users are advised to upgrade to these updated packages, that\ncontain Acrobat Reader version 8.1.2 Security Update 1, and are not\nvulnerable to these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2008:0641",
        "url": "https://access.redhat.com/errata/RHSA-2008:0641"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#critical",
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "436263",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436263"
      },
      {
        "category": "external",
        "summary": "452632",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=452632"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0641.json"
      }
    ],
    "title": "Red Hat Security Advisory: acroread security update",
    "tracking": {
      "current_release_date": "2025-11-08T03:23:59+00:00",
      "generator": {
        "date": "2025-11-08T03:23:59+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2008:0641",
      "initial_release_date": "2008-07-21T13:44:00+00:00",
      "revision_history": [
        {
          "date": "2008-07-21T13:44:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2008-07-21T09:44:21+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-08T03:23:59+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 4 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 4 Extras",
                  "product_id": "4AS-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 4 Extras",
                "product": {
                  "name": "Red Hat Desktop version 4 Extras",
                  "product_id": "4Desktop-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 4 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 4 Extras",
                  "product_id": "4ES-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 4 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 4 Extras",
                  "product_id": "4WS-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
                  "product_id": "5Client-Supplementary",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
                  "product_id": "5Server-Supplementary",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:5::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 3 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 3 Extras",
                  "product_id": "3AS-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 3 Extras",
                "product": {
                  "name": "Red Hat Desktop version 3 Extras",
                  "product_id": "3Desktop-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 3 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 3 Extras",
                  "product_id": "3ES-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 3 Extras",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 3 Extras",
                  "product_id": "3WS-LACD",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras:3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux Supplementary"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
                "product": {
                  "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
                  "product_id": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread-plugin@8.1.2.SU1-2.el4?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "acroread-0:8.1.2.SU1-2.el4.i386",
                "product": {
                  "name": "acroread-0:8.1.2.SU1-2.el4.i386",
                  "product_id": "acroread-0:8.1.2.SU1-2.el4.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread@8.1.2.SU1-2.el4?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "acroread-plugin-0:8.1.2.SU1-2.el5.i386",
                "product": {
                  "name": "acroread-plugin-0:8.1.2.SU1-2.el5.i386",
                  "product_id": "acroread-plugin-0:8.1.2.SU1-2.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread-plugin@8.1.2.SU1-2.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "acroread-0:8.1.2.SU1-2.el5.i386",
                "product": {
                  "name": "acroread-0:8.1.2.SU1-2.el5.i386",
                  "product_id": "acroread-0:8.1.2.SU1-2.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread@8.1.2.SU1-2.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "acroread-0:8.1.2.SU1-2.i386",
                "product": {
                  "name": "acroread-0:8.1.2.SU1-2.i386",
                  "product_id": "acroread-0:8.1.2.SU1-2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread@8.1.2.SU1-2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "acroread-plugin-0:8.1.2.SU1-2.i386",
                "product": {
                  "name": "acroread-plugin-0:8.1.2.SU1-2.i386",
                  "product_id": "acroread-plugin-0:8.1.2.SU1-2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/acroread-plugin@8.1.2.SU1-2?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux AS version 3 Extras",
          "product_id": "3AS-LACD:acroread-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3AS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux AS version 3 Extras",
          "product_id": "3AS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3AS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.i386 as a component of Red Hat Desktop version 3 Extras",
          "product_id": "3Desktop-LACD:acroread-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3Desktop-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.i386 as a component of Red Hat Desktop version 3 Extras",
          "product_id": "3Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3Desktop-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux ES version 3 Extras",
          "product_id": "3ES-LACD:acroread-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3ES-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux ES version 3 Extras",
          "product_id": "3ES-LACD:acroread-plugin-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3ES-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux WS version 3 Extras",
          "product_id": "3WS-LACD:acroread-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3WS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.i386 as a component of Red Hat Enterprise Linux WS version 3 Extras",
          "product_id": "3WS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.i386",
        "relates_to_product_reference": "3WS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
          "product_id": "4AS-LACD:acroread-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4AS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
          "product_id": "4AS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4AS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Desktop version 4 Extras",
          "product_id": "4Desktop-LACD:acroread-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4Desktop-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Desktop version 4 Extras",
          "product_id": "4Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4Desktop-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
          "product_id": "4ES-LACD:acroread-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4ES-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
          "product_id": "4ES-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4ES-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
          "product_id": "4WS-LACD:acroread-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4WS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
          "product_id": "4WS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el4.i386",
        "relates_to_product_reference": "4WS-LACD"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
          "product_id": "5Client-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el5.i386",
        "relates_to_product_reference": "5Client-Supplementary"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
          "product_id": "5Client-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el5.i386",
        "relates_to_product_reference": "5Client-Supplementary"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-0:8.1.2.SU1-2.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
          "product_id": "5Server-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386"
        },
        "product_reference": "acroread-0:8.1.2.SU1-2.el5.i386",
        "relates_to_product_reference": "5Server-Supplementary"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "acroread-plugin-0:8.1.2.SU1-2.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
          "product_id": "5Server-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
        },
        "product_reference": "acroread-plugin-0:8.1.2.SU1-2.el5.i386",
        "relates_to_product_reference": "5Server-Supplementary"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2008-0883",
      "discovery_date": "2008-02-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "436263"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "acroread: insecure handling of temporary files",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw.",
          "title": "Statement"
        }
      ],
      "product_status": {
        "fixed": [
          "3AS-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3AS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3Desktop-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3ES-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3ES-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3WS-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3WS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "4AS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4AS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4Desktop-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4ES-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4ES-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4WS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4WS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "5Client-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
          "5Client-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386",
          "5Server-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
          "5Server-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-0883"
        },
        {
          "category": "external",
          "summary": "RHBZ#436263",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=436263"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-0883",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-0883"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-0883",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0883"
        }
      ],
      "release_date": "2008-02-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2008-07-21T13:44:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "3AS-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3AS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3Desktop-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3ES-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3ES-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3WS-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3WS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "4AS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4AS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4Desktop-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4ES-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4ES-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4WS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4WS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "5Client-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
            "5Client-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386",
            "5Server-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
            "5Server-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0641"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "acroread: insecure handling of temporary files"
    },
    {
      "cve": "CVE-2008-2641",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2008-06-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "452632"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an \"input validation issue in a JavaScript method.\"",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "acroread: input validation issue in a JavaScript method",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "3AS-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3AS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3Desktop-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3ES-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3ES-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "3WS-LACD:acroread-0:8.1.2.SU1-2.i386",
          "3WS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
          "4AS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4AS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4Desktop-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4ES-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4ES-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "4WS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
          "4WS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
          "5Client-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
          "5Client-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386",
          "5Server-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
          "5Server-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-2641"
        },
        {
          "category": "external",
          "summary": "RHBZ#452632",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=452632"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-2641",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-2641"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2641",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2641"
        }
      ],
      "release_date": "2008-06-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2008-07-21T13:44:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "3AS-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3AS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3Desktop-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3ES-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3ES-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "3WS-LACD:acroread-0:8.1.2.SU1-2.i386",
            "3WS-LACD:acroread-plugin-0:8.1.2.SU1-2.i386",
            "4AS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4AS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4Desktop-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4Desktop-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4ES-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4ES-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "4WS-LACD:acroread-0:8.1.2.SU1-2.el4.i386",
            "4WS-LACD:acroread-plugin-0:8.1.2.SU1-2.el4.i386",
            "5Client-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
            "5Client-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386",
            "5Server-Supplementary:acroread-0:8.1.2.SU1-2.el5.i386",
            "5Server-Supplementary:acroread-plugin-0:8.1.2.SU1-2.el5.i386"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0641"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "acroread: input validation issue in a JavaScript method"
    }
  ]
}

CERTA-2008-AVI-336

Vulnerability from certfr_avis

Une vulnérabilité dans les produits Adobe permet à une personne malveillante d'effectuer une déni de service ou une exécution de code arbitraire à distance.

Description

Une vulnérabilité non documentée affecte les produits Adobe. Cette vulnérabilité permet à un individu malintentionné d'effectuer une déni de service ou une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Adobe	N/A	Adobe Reader 7.0.x ;
Adobe	N/A	Adobe Reader 8.x ;
Adobe	Acrobat	Adobe Acrobat 8.x ;
Adobe	Acrobat	Adobe Acrobat 7.0.x.

References

Title

Publication Time

ghsa-g44h-jfwm-hrw7

Vulnerability from github

Published

2022-05-01 23:52

Modified

2022-05-01 23:52

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-2641"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-06-25T12:36:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an \"input validation issue in a JavaScript method.\"",
  "id": "GHSA-g44h-jfwm-hrw7",
  "modified": "2022-05-01T23:52:04Z",
  "published": "2022-05-01T23:52:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2641"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43307"
    },
    {
      "type": "WEB",
      "url": "http://isc.sans.org/diary.html?storyid=4616"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30832"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31136"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31339"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31352"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31428"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240106-1"
    },
    {
      "type": "WEB",
      "url": "http://www.adobe.com/support/security/bulletins/apsb08-15.html"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200808-10.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/788019"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0641.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/29908"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020352"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/1906"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2289"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2008-2641

Vulnerability from fkie_nvd

Published

2008-06-25 12:36

Modified

2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://isc.sans.org/diary.html?storyid=4616
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html
cve@mitre.org	http://secunia.com/advisories/30832	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/31136
cve@mitre.org	http://secunia.com/advisories/31339
cve@mitre.org	http://secunia.com/advisories/31352
cve@mitre.org	http://secunia.com/advisories/31428
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-26-240106-1
cve@mitre.org	http://www.adobe.com/support/security/bulletins/apsb08-15.html	Patch
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200808-10.xml
cve@mitre.org	http://www.kb.cert.org/vuls/id/788019	US Government Resource
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2008-0641.html
cve@mitre.org	http://www.securityfocus.com/bid/29908	Patch
cve@mitre.org	http://www.securitytracker.com/id?1020352
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1906
cve@mitre.org	http://www.vupen.com/english/advisories/2008/2289
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/43307
af854a3a-2127-422b-91ae-364da2661108	http://isc.sans.org/diary.html?storyid=4616
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30832	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31136
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31339
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31352
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31428
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-240106-1
af854a3a-2127-422b-91ae-364da2661108	http://www.adobe.com/support/security/bulletins/apsb08-15.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200808-10.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/788019	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2008-0641.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29908	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020352
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1906
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2289
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/43307

Impacted products

Vendor	Product	Version
adobe	acrobat_3d	7.0
adobe	acrobat_3d	7.0
adobe	acrobat_3d	7.0.0
adobe	acrobat_3d	7.0.0
adobe	acrobat_3d	7.0.1
adobe	acrobat_3d	7.0.1
adobe	acrobat_3d	7.0.2
adobe	acrobat_3d	7.0.2
adobe	acrobat_3d	7.0.3
adobe	acrobat_3d	7.0.3
adobe	acrobat_3d	7.0.4
adobe	acrobat_3d	7.0.4
adobe	acrobat_3d	7.0.5
adobe	acrobat_3d	7.0.5
adobe	acrobat_3d	7.0.6
adobe	acrobat_3d	7.0.6
adobe	acrobat_3d	7.0.7
adobe	acrobat_3d	7.0.7
adobe	acrobat_3d	7.0.8
adobe	acrobat_3d	7.0.8
adobe	acrobat_3d	7.0.9
adobe	acrobat_3d	7.0.9
adobe	acrobat_3d	8.1
adobe	acrobat_3d	8.1
adobe	acrobat_3d	8.1.1
adobe	acrobat_3d	8.1.1
adobe	acrobat_3d	8.1.2
adobe	acrobat_3d	8.1.2
adobe	acrobat_reader	3.0
adobe	acrobat_reader	4.0
adobe	acrobat_reader	4.0.5
adobe	acrobat_reader	4.5
adobe	acrobat_reader	5.0
adobe	acrobat_reader	5.0.5
adobe	acrobat_reader	5.0.6
adobe	acrobat_reader	5.0.7
adobe	acrobat_reader	5.0.9
adobe	acrobat_reader	5.0.10
adobe	acrobat_reader	5.0.11
adobe	acrobat_reader	5.1
adobe	acrobat_reader	6.0
adobe	acrobat_reader	6.0.1
adobe	acrobat_reader	6.0.2
adobe	acrobat_reader	6.0.3
adobe	acrobat_reader	6.0.4
adobe	acrobat_reader	6.0.5
adobe	acrobat_reader	7.0
adobe	acrobat_reader	7.0.1
adobe	acrobat_reader	7.0.2
adobe	acrobat_reader	7.0.3
adobe	acrobat_reader	7.0.4
adobe	acrobat_reader	7.0.5
adobe	acrobat_reader	7.0.6
adobe	acrobat_reader	7.0.7
adobe	acrobat_reader	7.0.8
adobe	acrobat_reader	7.0.9
adobe	acrobat_reader	8.0
adobe	acrobat_reader	8.1
adobe	acrobat_reader	8.1.1
adobe	acrobat_reader	8.1.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "8A748890-C102-47C4-8A75-05E5C0064115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0:*:standard:*:*:*:*:*",
              "matchCriteriaId": "2AB13B40-EEF8-42EB-A02F-D57D88A812D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "1E7D4E11-F49C-47D5-84EE-7A65BF0EF75B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.0:*:standard:*:*:*:*:*",
              "matchCriteriaId": "19BE10C3-1A94-4832-935F-8CC28D7AEF2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "4F7B4494-F02C-4D33-86A6-D126440B44AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.1:*:standard:*:*:*:*:*",
              "matchCriteriaId": "9E9D25AB-0FC8-4E0D-87C1-089FF1A04219",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.2:*:professional:*:*:*:*:*",
              "matchCriteriaId": "57AAAD7B-A053-4AD8-87D6-CF7399BB873F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.2:*:standard:*:*:*:*:*",
              "matchCriteriaId": "BE080136-C078-4B27-983F-307F8DA1C6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.3:*:professional:*:*:*:*:*",
              "matchCriteriaId": "E257B03E-FDE6-40BC-A13A-9F383808B143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.3:*:standard:*:*:*:*:*",
              "matchCriteriaId": "007CC2B9-1FB1-45EC-8D2B-BD5B15716B91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.4:*:professional:*:*:*:*:*",
              "matchCriteriaId": "00DDEA6D-B28A-44E8-A8A3-4CE688CB2C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.4:*:standard:*:*:*:*:*",
              "matchCriteriaId": "EBDA4F47-0E01-42E3-8529-8C2608C9C3E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.5:*:professional:*:*:*:*:*",
              "matchCriteriaId": "82E9DE9F-5782-4FD4-BE02-55C8FA79BF5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.5:*:standard:*:*:*:*:*",
              "matchCriteriaId": "F9B3007B-4A43-4F40-A9D8-15012607A328",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.6:*:professional:*:*:*:*:*",
              "matchCriteriaId": "0D07A979-15E4-47B3-A412-47702905C687",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.6:*:standard:*:*:*:*:*",
              "matchCriteriaId": "72BFBE65-1004-4B22-BA63-5C90E93B8CCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.7:*:professional:*:*:*:*:*",
              "matchCriteriaId": "618D991E-0510-427B-80CD-F820A0C1782E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.7:*:standard:*:*:*:*:*",
              "matchCriteriaId": "3B60667F-7818-4959-B923-7EFC55EC19A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.8:*:professional:*:*:*:*:*",
              "matchCriteriaId": "CD612ECD-E98A-4C17-B3F6-70BC12CA8664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.8:*:standard:*:*:*:*:*",
              "matchCriteriaId": "5A160691-E99D-497B-8FB8-E384B039854D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.9:*:professional:*:*:*:*:*",
              "matchCriteriaId": "E8E51EAF-420E-470A-9903-4D3D10B638D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:7.0.9:*:standard:*:*:*:*:*",
              "matchCriteriaId": "6704EAE6-7729-4631-9E70-A8F1A628CABE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:8.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "858DFFF0-3CD5-4D70-886F-BF0F4E68EE69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:8.1:*:standard:*:*:*:*:*",
              "matchCriteriaId": "AF2C30B6-2ADA-4695-86F6-6A3DD990641F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:8.1.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "CEBDEC98-39C9-4936-B0AB-F415D02EC8C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:8.1.1:*:standard:*:*:*:*:*",
              "matchCriteriaId": "1073C404-97AE-4CA2-AD9B-53096A7196B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:8.1.2:*:professional:*:*:*:*:*",
              "matchCriteriaId": "14D434F4-82A0-4B23-82DB-1C07AF80042E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_3d:8.1.2:*:standard:*:*:*:*:*",
              "matchCriteriaId": "147F2EC6-91BF-4BE6-AC56-F285160B70D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1C92642-7C8D-411A-8726-06A8A6483D65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F509566A-6D4A-40C0-8A16-F8765C5DCAAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "707D7124-6063-4510-80B4-AD9675996F67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AED985D-60D7-489E-9F1E-CE3C9D985B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F0FCA2F-FD7F-4CE5-9D45-324A7EC45105",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF7EAA22-CED2-4379-9465-9562BACB1C20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "35B1CA6B-600C-4E03-B4D5-3D7E1BC4D0F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7AA1BA3-9FFA-46AB-A92A-7247D5F7EA06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F5F7424-1E19-4078-8908-CD86A0185042",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2402B40-6B72-48B5-A376-DA8D16CA43FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D968113-340A-4E5A-B4FD-D9702D49E3DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACF742B8-5F7A-487B-835C-756B1BB392F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0BB7C0C-B1D6-4733-BA91-022A1A7FB2E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B131DB8-4B6A-4AF2-8D5E-B5EA1AEBFB3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B9351C2-16ED-4766-B417-8DB3A8766C2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "74667860-0047-40AD-9468-860591BA9D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DEA092A-5532-4DCC-B43D-7A8ECF07FA4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9628AFF9-6EE1-4E85-858F-AE96EE64B7F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E2D0266-6954-4DBA-9EEE-8BF73B39DD61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "24262AFA-2EC8-479E-8922-36DB4243E404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1E62096-08B2-4722-A492-11E9A441E85B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5370AC6-90EE-48EA-8DBD-54002B102F7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C36D10A8-D211-437D-98D8-9029D0A9CF8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA55D00C-3629-48E4-8699-F62B8D703E02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EE5E1B7-7B91-4AE1-92AA-4F1763E1BA1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "623324C2-C8B5-4C3C-9C10-9677D5A6740A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EAF5E3-F3B4-4AD3-B5F1-281AB0F9C57F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "634396D6-4ED6-4F4D-9458-396373489589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "996EB48E-D2A8-49E4-915A-EBDE26A9FB94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E20936-EE31-4CEB-A710-3165A28BAD69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5BEA847-A71E-4336-AB67-B3C38847C1C3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an \"input validation issue in a JavaScript method.\""
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Adobe Reader y Acrobat 7.0.9 y anteriores, y 8.0 hasta 8.1.2, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no conocidos, relacionados con un \"problema de validaci\u00f3n de entrada en un m\u00e9todo JavaScript.\""
    }
  ],
  "id": "CVE-2008-2641",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-06-25T12:36:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://isc.sans.org/diary.html?storyid=4616"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30832"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31136"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31339"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31352"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31428"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240106-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.adobe.com/support/security/bulletins/apsb08-15.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200808-10.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/788019"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0641.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29908"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020352"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1906"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/2289"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43307"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://isc.sans.org/diary.html?storyid=4616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30832"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240106-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.adobe.com/support/security/bulletins/apsb08-15.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200808-10.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/788019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0641.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1906"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2289"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43307"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2008-2641 (GCVE-0-2008-2641)

Vulnerability from cvelistv5

gsd-2008-2641

Vulnerability from gsd

rhsa-2008:0641

Vulnerability from csaf_redhat

rhsa-2008_0641

Vulnerability from csaf_redhat

RHSA-2008:0641

Vulnerability from csaf_redhat

CERTA-2008-AVI-336

Vulnerability from certfr_avis

Description

Solution

ghsa-g44h-jfwm-hrw7

Vulnerability from github

fkie_cve-2008-2641

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature