Oval Definition:oval:com.redhat.rhsa:def:20080641
Revision Date:2008-07-21Version:603
Title:RHSA-2008:0641: acroread security update (Critical)
Description:Adobe Acrobat Reader allows users to view and print documents in Portable Document Format (PDF).

  • An input validation flaw was discovered in a JavaScript engine used by Acrobat Reader. A malicious PDF file could cause Acrobat Reader to crash or, potentially, execute arbitrary code as the user running Acrobat Reader. (CVE-2008-2641)

  • An insecure temporary file usage issue was discovered in the Acrobat Reader "acroread" startup script. A local attacker could potentially overwrite arbitrary files that were writable by the user running Acrobat Reader, if the victim ran "acroread" with certain command line arguments. (CVE-2008-0883)

    All acroread users are advised to upgrade to these updated packages, that contain Acrobat Reader version 8.1.2 Security Update 1, and are not vulnerable to these issues.
  • Family:unixClass:patch
    Status:Reference(s):CVE-2008-0883
    CVE-2008-2641
    RHSA-2008:0641-02
    Platform(s):Supplementary for Red Hat Enterprise Linux 5
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux 5 is installed
  • AND Package Information
  • acroread is earlier than 0:8.1.2.SU1-2.el5
  • AND acroread is signed with Red Hat redhatrelease key
  • OR
  • acroread-plugin is earlier than 0:8.1.2.SU1-2.el5
  • AND acroread-plugin is signed with Red Hat redhatrelease key
  • BACK