CVE-2008-4817

The Download Manager in Adobe Acrobat Professional and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that calls an AcroJS function with a long string argument, triggering heap corruption.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:adobe:download_manager:*:*:*:*:*:*:*:*
OR cpe:2.3:a:adobe:acrobat:*:unknown:3d:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:*:unknown:professional:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:*:unknown:standard:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:8.1.1:unknown:3d:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:8.1.1:unknown:professional:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:8.1.1:unknown:standard:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2008-11-05 15:00

Updated : 2024-02-04 17:33


NVD link : CVE-2008-4817

Mitre link : CVE-2008-4817

CVE.ORG link : CVE-2008-4817


JSON object : View

Products Affected

adobe

  • download_manager
  • acrobat
  • acrobat_reader
CWE
CWE-20

Improper Input Validation