Vulnerability Description
A certain ActiveX control in Adobe Acrobat 9, when used with Microsoft Windows Vista and Internet Explorer 7, allows remote attackers to cause a denial of service (browser crash) via an src property value with an invalid acroie:// URL.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Acrobat | 9 |
| Microsoft | Internet Explorer | 7 |
| Microsoft | Windows Vista | - |
Related Weaknesses (CWE)
References
- http://securityreason.com/securityalert/4257
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45195
- https://www.exploit-db.com/exploits/6424
- http://securityreason.com/securityalert/4257
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45195
- https://www.exploit-db.com/exploits/6424
FAQ
What is CVE-2008-4071?
CVE-2008-4071 is a vulnerability with a CVSS score of 5.0 (MEDIUM). A certain ActiveX control in Adobe Acrobat 9, when used with Microsoft Windows Vista and Internet Explorer 7, allows remote attackers to cause a denial of service (browser crash) via an src property v...
How severe is CVE-2008-4071?
CVE-2008-4071 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-4071?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat, Microsoft Internet Explorer, Microsoft Windows Vista.