Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 233383 (CVE-2008-2641) - app-text/acroread <8.1.2-r3 Javascript input validation vulnerability (CVE-2008-2641)
Summary: app-text/acroread <8.1.2-r3 Javascript input validation vulnerability (CVE-20...
Alias: CVE-2008-2641
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
Whiteboard: A2 [glsa]
Depends on:
Reported: 2008-07-30 15:18 UTC by Robert Buchholz (RETIRED)
Modified: 2008-08-09 22:44 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Robert Buchholz (RETIRED) gentoo-dev 2008-07-30 15:18:01 UTC
CVE-2008-2641 (
  Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and
  8.0 through 8.1.2, allows remote attackers to cause a denial of service
  (application crash) or possibly execute arbitrary code via unknown vectors,
  related to an "input validation issue in a JavaScript method."
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2008-07-30 15:20:48 UTC
For Unix:
July 17, 2008 – Bulletin updated to include information for Unix version

Note that we fixed CVE-2008-0883 via bug 212367 already, so this is only the CVE-2008-2641 flaw.
Comment 2 Timo Gurr (RETIRED) gentoo-dev 2008-08-01 18:09:47 UTC
Thanks for telling me that they released an updated version, fixed in acroread-8.1.2-r3 now.
Comment 3 Robert Buchholz (RETIRED) gentoo-dev 2008-08-02 11:53:59 UTC
Arches, please test and mark stable:
Target keywords : "amd64 x86"
Comment 4 Tobias Heinlein (RETIRED) gentoo-dev 2008-08-03 17:14:12 UTC
amd64 stable
Comment 5 Markus Ullmann (RETIRED) gentoo-dev 2008-08-03 21:09:54 UTC
x86 stable
Comment 6 Robert Buchholz (RETIRED) gentoo-dev 2008-08-09 22:44:23 UTC
GLSA 200808-10