OSVDB ID: 41494

Title: Adobe Reader / Acrobat EScript.api Plug-in Crafted PDF Arbitrary Code Execution

Info

Disclosure

Feb 07, 2008

Discovery

Unknown

Dates

Exploit

Feb 07, 2007

Solution

Feb 07, 2008

Description

Classification

Impact: Loss of Integrity
Exploit: Exploit Private
Disclosure: Vendor Verified

Solution

Upgrade to version 8.1.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Unknown or Incomplete

References

CERT VU: 140129
CVE ID: 2007-5663 (see also: NVD)
Secunia Advisory ID: 28851 29065 29205 30840
SCIP VulDB ID: 3592
Related OSVDB ID: 41493 41495
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2008-02/0104.html
Other Advisory URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=656
http://www.gentoo.org/security/en/glsa/glsa-200803-01.xml
Vendor Specific Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-66-239286-1
http://www.adobe.com/support/security/advisories/apsa08-01.html

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/41494