Launchpad.net

CVE 2007-5663

Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that calls an insecure JavaScript method in the EScript.api plug-in. NOTE: this issue might be subsumed by CVE-2008-0655.

Related bugs and status

CVE-2007-5663 (Candidate) is related to these bugs:

Bug #190570: Security update available for Adobe Reader

		In	Importance	Status
190570	Security update available for Adobe Reader	Medibuntu	Medium	Fix Released
190570	Security update available for Adobe Reader	Medibuntu feisty	High	Fix Released
190570	Security update available for Adobe Reader	Medibuntu gutsy	Medium	Fix Released
190570	Security update available for Adobe Reader	Medibuntu hardy	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

IDEFENSE: 20080208 Adobe Reader ...
CONFIRM: http://www.adobe.com/s...
CERT-VN: VU#140129
CERT: TA08-043A
REDHAT: RHSA-2008:0144
SECUNIA: 29065
GENTOO: GLSA-200803-01
SECUNIA: 29205
CONFIRM: http://www.adobe.com/s...
SUNALERT: 239286
SECUNIA: 30840
VUPEN: ADV-2008-1966
OVAL: oval:org.mitre.oval:de...