High severity7.8CISA KEVNVD Advisory· Published Nov 4, 2008· Updated Apr 22, 2026
CVE-2008-2992
CVE-2008-2992
Description
Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.
Affected products
3- cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
28- www.adobe.com/support/security/bulletins/apsb08-19.htmlnvdBroken LinkPatchVendor Advisory
- www.redhat.com/support/errata/RHSA-2008-0974.htmlnvdBroken LinkPatch
- securityreason.com/securityalert/4549nvdBroken LinkExploit
- www.exploit-db.com/exploits/7006nvdExploitThird Party AdvisoryVDB Entry
- download.oracle.com/sunalerts/1019937.1.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.htmlnvdMailing ListThird Party Advisory
- secunia.com/advisories/29773nvdBroken LinkVendor Advisory
- secunia.com/advisories/32700nvdBroken LinkVendor Advisory
- secunia.com/advisories/32872nvdBroken LinkVendor Advisory
- secunia.com/advisories/35163nvdBroken LinkVendor Advisory
- secunia.com/secunia_research/2008-14/nvdBroken LinkVendor Advisory
- www.coresecurity.com/content/adobe-reader-buffer-overflownvdThird Party Advisory
- www.kb.cert.org/vuls/id/593409nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/archive/1/498027/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/498032/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/498055/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/30035nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/32091nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.us-cert.gov/cas/techalerts/TA08-309A.htmlnvdBroken LinkThird Party AdvisoryUS Government Resource
- www.vupen.com/english/advisories/2008/3001nvdBroken LinkVendor Advisory
- www.vupen.com/english/advisories/2009/0098nvdBroken LinkVendor Advisory
- www.zerodayinitiative.com/advisories/ZDI-08-072/nvdThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/6994nvdThird Party AdvisoryVDB Entry
- osvdb.org/49520nvdBroken Link
- support.nortel.com/go/main.jspnvdBroken Link
- support.nortel.com/go/main.jspnvdBroken Link
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.