Test Kennung:	1.3.6.1.4.1.25623.1.0.800050
Kategorie:	Buffer overflow
Titel:	Adobe Reader/Acrobat Multiple Vulnerabilities (APSB08-19) - Windows
Zusammenfassung:	Adobe Reader/Acrobat is prone to multiple vulnerabilities.
Beschreibung:	Summary: Adobe Reader/Acrobat is prone to multiple vulnerabilities. Vulnerability Insight: The flaws are due to: - a boundary error when parsing format strings containing a floating point specifier in the util.printf() Javascript function. - improper parsing of type 1 fonts. - bounds checking not being performed after allocating an area of memory. Vulnerability Impact: Successful exploitation allows remote attackers to execute arbitrary code to cause a stack based overflow via a specially crafted PDF, and could also take complete control of the affected system and cause the application to crash. Affected Software/OS: Adobe Reader versions 8.1.2 and prior Adobe Acrobat Professional versions 8.1.2 and prior Solution: Upgrade to 8.1.3 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2992 BugTraq ID: 30035 http://www.securityfocus.com/bid/30035 BugTraq ID: 32091 http://www.securityfocus.com/bid/32091 Bugtraq: 20081104 CORE-2008-0526: Adobe Reader Javascript Printf Buffer Overflow (Google Search) http://www.securityfocus.com/archive/1/498032/100/0/threaded Bugtraq: 20081104 Secunia Research: Adobe Acrobat/Reader "util.printf()" Buffer Overflow (Google Search) http://www.securityfocus.com/archive/1/498027/100/0/threaded Bugtraq: 20081104 ZDI-08-072: Adobe Acrobat PDF Javascript printf Stack Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/498055/100/0/threaded Cert/CC Advisory: TA08-309A http://www.us-cert.gov/cas/techalerts/TA08-309A.html CERT/CC vulnerability note: VU#593409 http://www.kb.cert.org/vuls/id/593409 https://www.exploit-db.com/exploits/6994 https://www.exploit-db.com/exploits/7006 http://secunia.com/secunia_research/2008-14/ http://www.coresecurity.com/content/adobe-reader-buffer-overflow http://www.zerodayinitiative.com/advisories/ZDI-08-072/ http://osvdb.org/49520 http://www.redhat.com/support/errata/RHSA-2008-0974.html http://www.securitytracker.com/id?1021140 http://secunia.com/advisories/29773 http://secunia.com/advisories/32700 http://secunia.com/advisories/32872 http://secunia.com/advisories/35163 http://securityreason.com/securityalert/4549 http://download.oracle.com/sunalerts/1019937.1.html SuSE Security Announcement: SUSE-SR:2008:026 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html http://www.vupen.com/english/advisories/2008/3001 http://www.vupen.com/english/advisories/2009/0098 Common Vulnerability Exposure (CVE) ID: CVE-2008-2549 BugTraq ID: 29420 http://www.securityfocus.com/bid/29420 https://www.exploit-db.com/exploits/5687 XForce ISS Database: acrobatreader-pdf-dos(42886) https://exchange.xforce.ibmcloud.com/vulnerabilities/42886 Common Vulnerability Exposure (CVE) ID: CVE-2008-4812 BugTraq ID: 32100 http://www.securityfocus.com/bid/32100 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=755 XForce ISS Database: adobe-acrobatreader-type1font-code-execution(46332) https://exchange.xforce.ibmcloud.com/vulnerabilities/46332 Common Vulnerability Exposure (CVE) ID: CVE-2008-4813 Bugtraq: 20081104 ZDI-08-073: Adobe Acrobat Reader Malformed PDF Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/498056/100/0/threaded Bugtraq: 20081104 ZDI-08-074: Adobe Acrobat PDF Javascript getCosObj Memory Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/498057/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-08-073/ http://www.zerodayinitiative.com/advisories/ZDI-08-074/ http://securityreason.com/securityalert/4564 XForce ISS Database: adobe-acrobatreader-collab-code-execution(46344) https://exchange.xforce.ibmcloud.com/vulnerabilities/46344 XForce ISS Database: adobe-acrobatreader-object-code-execution(46333) https://exchange.xforce.ibmcloud.com/vulnerabilities/46333 Common Vulnerability Exposure (CVE) ID: CVE-2008-4817 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=756 http://osvdb.org/49541 Common Vulnerability Exposure (CVE) ID: CVE-2008-4816 Common Vulnerability Exposure (CVE) ID: CVE-2008-4814 http://www.skyrecon.com/index.php?option=com_content&task=view&id=302&Itemid=124 XForce ISS Database: adobe-javascript-code-execution1(46334) https://exchange.xforce.ibmcloud.com/vulnerabilities/46334 Common Vulnerability Exposure (CVE) ID: CVE-2008-4815 https://bugzilla.redhat.com/show_bug.cgi?id=469882 XForce ISS Database: adobe-acrobat-reader-priv-escalation(46335) https://exchange.xforce.ibmcloud.com/vulnerabilities/46335
Copyright	Copyright (C) 2008 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.