• CVE ID: 2008-2992 (see also: NVD)
• Secunia Advisory ID: 29773 32700 32872 33460 33491 35163
• Bugtraq ID: 32091
• Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2008-11/0018.html
  http://archives.neohapsis.com/archives/bugtraq/2008-11/0019.html
  http://archives.neohapsis.com/archives/fulldisclosure/2008-11/0091.html
  http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html
• Generic Exploit URL: http://hackingspirits.com/vuln-rnd/vuln-rnd.html
  http://www.metasploit.com
• Other Advisory URL: http://secunia.com/secunia_research/2008-14/
  http://sunsolve.sun.com/search/document.do?assetkey=1-66-249366-1
  http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=909609
  http://www.coresecurity.com/content/adobe-reader-buffer-overflow
  http://www.gentoo.org/security/en/glsa/glsa-200901-09.xml
• News Article: http://www.net-security.org/secworld.php?id=6715
• Vendor Specific Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0974.html

• Dyon Balding - Secunia
• Damian Frizza - Core Security Technologies

2008/11/13 14:01:06 | Malicious Web Site / Malicious Code: Adobe Acrobat & Reader util.printf JavaScript Vulnerability

from: CU*Answers Newsstand » Home

Websense® Security Labs™ has received reports of a proof-of-concept (PoC) ... files (CVE-2008-2992). Successful exploitation allows the attacker the same level of permission

2008/11/12 05:04:50 | Analyzing PDF files and Shellcode

from: sudosecure.net

With all the talk over the recent Adobe CVE-2008-2992 vulnerability being exploited in the wild, I thought it would be a good time to document how I go about analyzing PDF files and shellcode

2008/11/05 17:21:00 | Adobe Reader 'util.printf()' JavaScript Function Stack Buffer Overflow Exploit

from: Thoughts of a Technocrat

http://www.milw0rm.com/exploits/6994-------------------This exploit is related to CVE-2008-2992.A boundary error exists when parsing format strings containing a floating point specifier

2008/11/10 07:59:22 | Security News Roundup: Security researchers to demonstrate WPA packet injection

from: IT Security | TechRepublic.com

This week’s security events include news that there will be just two updates for Microsoft’s Patch Tuesday this month, ... exploits spotted in the wild.  The exploit in this case leverages on CVE-2008-2992 by means

2008/11/07 20:48:00 | Adobe 8 PDF Vulnerability exploited in-the-wild

from: Harry Waldron - Corporate and Home Security

[ Lightning] The recent Adobe 8 PDF vulnerability is being exploited in-the-wild ... by Adobe couple of days ago (CVE-2008-2992). Unfortunately, Wayne was right – these PDF documents

2008/11/09 06:11:53 | Security hole in PDF

from: Tech Skill

The research and development team of SkyRecon identified a security vulnerability in PDF files ... execution. (CVE-2008-2992) This update resolves an input validation issue in a JavaScript method

2008/11/07 23:00:12 | Recently Patched Adobe Reader Flaw Used By Miscreants To Hijack PCs

from: Daily cyber threats and internet security news

Recently Patched Adobe Reader Flaw Used By Miscreants To Hijack PCs Three days after Adobe rushed out a critical update, ... exploiting CVE-2008-2992. According to SANS, none of the 32 top anti-virus programs were detecting