CVE-2008-4814

Adobe Acrobat and Reader < 8.1.2 - Remote Code Execution via JavaScript Method

Title source: llm
STIX 2.1

Description

Unspecified vulnerability in a JavaScript method in Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allows remote attackers to execute arbitrary code via unknown vectors, related to an "input validation issue."

References (14)

Core 14
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32700
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32100
Various Sources vendor-advisory x_refsource_sunalert
http://download.oracle.com/sunalerts/1019937.1.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32872
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46334
Patch, Vendor Advisory x_refsource_confirm
http://www.adobe.com/support/security/bulletins/apsb08-19.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0098
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA08-309A.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1021140
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/3001
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0974.html

Scores

EPSS 0.1187
EPSS Percentile 95.6%

Details

CWE
CWE-20
Status published
Products (3)
adobe/acrobat 8.1.1 (4 CPE variants)
adobe/acrobat < 8.1.2 (3 CPE variants)
adobe/acrobat_reader < 8.0
Published Nov 05, 2008
Tracked Since Feb 18, 2026