Summary
This host has Adobe Reader/Acrobat installed, which is/are prone to Remote Code Execution Vulnerabilities.
Impact
Successful exploitation allows remote attackers to execute arbitrary code or an attacker could take complete control of an affected system or cause a denial of service condition.
Impact Level: System
Solution
Apply Security Update mentioned in the advisory from the below link, http://www.adobe.com/support/security/bulletins/apsb08-15.html
Insight
The flaw is due to an input validation error in a JavaScript method, which could allow attackers to execute arbitrary code by tricking a user into opening a specially crafted PDF document.
Affected
Adobe Reader version 7.0.9 and prior - Windows(All) Adobe Reader versions 8.0 through 8.1.2 - Windows(All) Adobe Acrobat Professional version 7.0.9 and prior - Windows(All) Adobe Acrobat Professional versions 8.0 through 8.1.2 - Windows(All)
References
Severity
Classification
-
CVE CVE-2008-2641 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Apache httpd Web Server Range Header Denial of Service Vulnerability
- 7T Interactive Graphical SCADA System 'dc.exe' Command Injection Vulnerability
- Apple QuickTime Multiple Vulnerabilities - Jun09
- EMC Data Protection Advisor NULL Pointer Dereference Denial of Service Vulnerability
- Apple QuickTime Multiple Vulnerabilities - Jan09 (Win)