CVE-2008-4815
Summary
| CVE | CVE-2008-4815 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2008-11-05 15:00:14 UTC |
| Updated | 2026-04-23 00:35:47 UTC |
| Description | Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 and earlier on Unix and Linux allows attackers to gain privileges via a Trojan Horse program in an unspecified directory that is associated with an insecure RPATH. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:N/AC:L/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Adobe | Acrobat | 8.1.1 | All | All | All |
| Application | Adobe | Acrobat | 8.1.1 | unknown | 3d | All |
| Application | Adobe | Acrobat | 8.1.1 | unknown | professional | All |
| Application | Adobe | Acrobat | 8.1.1 | unknown | standard | All |
| Application | Adobe | Acrobat | All | unknown | 3d | All |
| Application | Adobe | Acrobat | All | unknown | professional | All |
| Application | Adobe | Acrobat | All | unknown | standard | All |
| Application | Adobe | Acrobat Reader | All | All | All | All |
| Operating System | Unix | Unix | All | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| Multiple Security Vulnerabilities in the Adobe Reader May Lead to Execution of Arbitrary Code | af854a3a-2127-422b-91ae-364da2661108 | download.oracle.com | |
| Adobe Acrobat and Reader 8.1.2 Multiple Security Vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| Adobe Acrobat Multiple Flaws Let Remote Users Execute Arbitrary Code - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | |
| Security Alerts - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | |
| Adobe - Security Advisories : APSB08-19 - Security Update available for Adobe Reader 8 and Acrobat 8 | af854a3a-2127-422b-91ae-364da2661108 | www.adobe.com | Patch, Vendor Advisory |
| SUSE Update for Multiple Packages - Secunia.com | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| Support | af854a3a-2127-422b-91ae-364da2661108 | www.redhat.com | |
| Bug 469882 – CVE-2008-4815 Adobe Reader: insecure RPATH flaw | af854a3a-2127-422b-91ae-364da2661108 | bugzilla.redhat.com | |
| US-CERT Technical Cyber Security Alert TA08-309A -- Adobe Reader and Acrobat Vulnerabilities | af854a3a-2127-422b-91ae-364da2661108 | www.us-cert.gov | US Government Resource |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | |
| [security-announce] SUSE Security Summary Report: SUSE-SR:2008:026 | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.