CVE-2008-0726

Sažetak

Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption.

Reference

http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00007.html
http://secunia.com/advisories/28983
http://secunia.com/advisories/29065
http://secunia.com/advisories/29205
http://secunia.com/advisories/30840
http://security.gentoo.org/glsa/glsa-200803-01.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239286-1
http://www.adobe.com/support/security/advisories/apsa08-01.html
http://www.adobe.com/support/security/bulletins/apsb08-13.html
http://www.redhat.com/support/errata/RHSA-2008-0144.html
http://www.securityfocus.com/archive/1/488000/100/0/threaded
http://www.vupen.com/english/advisories/2008/1966/references
http://www.zerodayinitiative.com/advisories/ZDI-08-004.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10957

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

15-10-2018 - 22:02

Objavljeno

12-02-2008 - 20:00