Adobe Acrobat PDF Javascript getCosObj Memory Corruption Vulnerability
Severity: : Critical
CVE Kennungen: : CVE-2008-4813
Advisory Date: 21 de июля de 2015
DESCRIPTION
Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allow remote attackers to execute arbitrary code via a crafted PDF document that (1) performs unspecified actions on a Collab object that trigger memory corruption, related to a GetCosObj method; or (2) contains a malformed PDF object that triggers memory corruption during parsing.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1003301
Trend Micro Deep Security DPI Rule Name: 1003301 - Adobe Acrobat PDF Font Processing Memory Corruption
AFFECTED SOFTWARE AND VERSION:
- Adobe Acrobat 8.1.1
- adobe acrobat 8.1.2
- adobe reader 8.1.2