CVE-2008-4814

critical

Description

Unspecified vulnerability in a JavaScript method in Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allows remote attackers to execute arbitrary code via unknown vectors, related to an "input validation issue."

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/46334

http://www.vupen.com/english/advisories/2009/0098

http://www.vupen.com/english/advisories/2008/3001

http://www.us-cert.gov/cas/techalerts/TA08-309A.html

http://www.skyrecon.com/index.php?option=com_content&task=view&id=302&Itemid=124

http://www.securitytracker.com/id?1021140

http://www.securityfocus.com/bid/32100

http://www.redhat.com/support/errata/RHSA-2008-0974.html

http://www.adobe.com/support/security/bulletins/apsb09-04.html

http://www.adobe.com/support/security/bulletins/apsb08-19.html

http://secunia.com/advisories/32872

http://secunia.com/advisories/32700

http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html

http://download.oracle.com/sunalerts/1019937.1.html

Details

Source: Mitre, NVD

Published: 2008-11-05

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.17344

Detections

Analytics