CyberSec.Space Logo
Back to CVE Browser

CVE-2008-2992

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score28.2830%
EPSS Percentile88.54th
PublishedNov 4, 2008
Last ModifiedApr 22, 2026

Vulnerability Description

Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.

Affected Platforms (CPE)

πŸ“¦
Adobe

Acrobat

<= 8.1.2
πŸ“¦
Adobe

Acrobat Reader

<= 8.1.2
πŸ’»
Oracle

Solaris

= 10

References & Advisories

πŸ”— http://download.oracle.com/sunalerts/1019937.1.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html
πŸ”— http://osvdb.org/49520
πŸ”— http://secunia.com/advisories/29773
πŸ”— http://secunia.com/advisories/32700
πŸ”— http://secunia.com/advisories/32872
πŸ”— http://secunia.com/advisories/35163
πŸ”— http://secunia.com/secunia_research/2008-14/

Related Vulnerabilities

CVE-2004-063110.0

Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions...

CVE-2004-115210.0

Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary c...

CVE-2004-063010.0

The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those bef...

CVE-2004-115310.0

Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (appl...