CVE-2008-2549

Adobe Acrobat Reader < 8.1.2 and < 7.1.1 - Remote Code Execution via Malformed PDF Document

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-2549. PoCs published by securfrog.

AI-analyzed exploit summary This exploit triggers a denial of service (DoS) in Adobe Acrobat Reader <= 8.1.2 by opening a malformed PDF file, causing the application to crash. The PoC is a malformed PDF file (2008-HI2.pdf) that exploits a vulnerability in the handling of PDF structures.

Description

Adobe Acrobat Reader 8.1.2 and earlier, and before 7.1.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed PDF document, as demonstrated by 2008-HI2.pdf.

Exploits (1)

exploitdb WORKING POC VERIFIED

by securfrog · textdoswindows

https://www.exploit-db.com/exploits/5687

View Code ZIP pw:eip

This exploit triggers a denial of service (DoS) in Adobe Acrobat Reader <= 8.1.2 by opening a malformed PDF file, causing the application to crash. The PoC is a malformed PDF file (2008-HI2.pdf) that exploits a vulnerability in the handling of PDF structures.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Adobe Acrobat Reader <= 8.1.2

No auth needed

Prerequisites: Victim must open the malformed PDF file

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (17)

Core 17

Core References

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/35163

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/32700

Various Sources x_refsource_confirm

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=909609

Various Sources x_refsource_confirm

http://www.adobe.com/support/security/bulletins/apsb09-04.html

Various Sources vendor-advisory x_refsource_sunalert

http://download.oracle.com/sunalerts/1019937.1.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/32872

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/42886

Various Sources x_refsource_confirm

http://www.adobe.com/support/security/bulletins/apsb08-19.html

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/5687

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/29420

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2009/0098

US Government Resource third-party-advisory x_refsource_cert

http://www.us-cert.gov/cas/techalerts/TA08-309A.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1021140

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/3001

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2008-0974.html

Various Sources x_refsource_confirm

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=800801

Scores

EPSS 0.7186

EPSS Percentile 98.8%

Details

Status published

Products (32)

adobe/acrobat_reader 3.0

adobe/acrobat_reader 4.0

adobe/acrobat_reader 4.0.5

adobe/acrobat_reader 4.5

adobe/acrobat_reader 5.0

adobe/acrobat_reader 5.0.5

adobe/acrobat_reader 5.0.6

adobe/acrobat_reader 5.0.7

adobe/acrobat_reader 5.0.9

adobe/acrobat_reader 5.0.10

... and 22 more

Published Jun 04, 2008

Tracked Since Feb 18, 2026