VYPR
← All advisories
Unrated severityNVD Advisory· Published May 8, 2008· Updated Apr 23, 2026

CVE-2008-2042

CVE-2008-2042

Description

The Javascript API in Adobe Acrobat Professional 7.0.9 and possibly 8.1.1 exposes a dangerous method, which allows remote attackers to execute arbitrary commands or trigger a buffer overflow via a crafted PDF file that invokes app.checkForUpdate with a malicious callback function.

Affected products

76
  • Adobe Inc./Acrobat35 versions
    cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*+ 34 more
    • cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*range: <=8.1.1
    • cpe:2.3:a:adobe:acrobat:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:4.0.5a:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:4.0.5c:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:5.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:5.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:6.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:6.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:6.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:6.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:6.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:7.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:7.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:7.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:7.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:7.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:7.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:7.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:7.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:7.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:7.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:7.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:7.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:7.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*
  • Adobe Inc./Acrobat Reader41 versions
    cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*+ 40 more
    • cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*range: <=8.1.1
    • cpe:2.3:a:adobe:acrobat_reader:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:3.01:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:3.02:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:4.0.5a:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:4.0.5c:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:5.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:5.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:5.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:5.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:5.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:6.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:6.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:6.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:7.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:7.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:7.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:7.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:7.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:7.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:7.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:7.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:7.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:7.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:7.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:7.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:7.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

8

News mentions

0

No linked articles in our index yet.