The Javascript API in Adobe Acrobat Professional 7.0.9 and possibly 8.1.1 exposes a dangerous method, which allows remote attackers to execute arbitrary commands or trigger a buffer overflow via a crafted PDF file that invokes app.checkForUpdate with a malicious callback function.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2008-05-07 17:20
Updated : 2018-10-30 09:25
NVD link : CVE-2008-2042
Mitre link : CVE-2008-2042
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
adobe
- acrobat_reader
- acrobat