Vulnerability Description
Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption.
CVSS Score
9.3
HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Acrobat | <= 8.1.1 |
| Adobe | Acrobat Reader | <= 8.1.1 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00007.html
- http://secunia.com/advisories/28983Vendor Advisory
- http://secunia.com/advisories/29065Vendor Advisory
- http://secunia.com/advisories/29205
- http://secunia.com/advisories/30840
- http://security.gentoo.org/glsa/glsa-200803-01.xml
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-239286-1
- http://www.adobe.com/support/security/advisories/apsa08-01.htmlPatch
- http://www.adobe.com/support/security/bulletins/apsb08-13.html
- http://www.redhat.com/support/errata/RHSA-2008-0144.html
- http://www.securityfocus.com/archive/1/488000/100/0/threaded
- http://www.vupen.com/english/advisories/2008/1966/references
- http://www.zerodayinitiative.com/advisories/ZDI-08-004.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00007.html
FAQ
What is CVE-2008-0726?
CVE-2008-0726 is a vulnerability with a CVSS score of 9.3 (HIGH). Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption.
How severe is CVE-2008-0726?
CVE-2008-0726 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-0726?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat, Adobe Acrobat Reader.