Vulnerabilities > CVE-2008-5331 - Cryptographic Issues vulnerability in Adobe Acrobat 9/9.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Adobe Acrobat 9 uses more efficient encryption than previous versions, which makes it easier for attackers to guess a document's password via a brute-force attack.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Signature Spoofing by Key Recreation An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
References
- http://blogs.adobe.com/security/2008/12/acrobat_9_and_password_encrypt.html
- http://blogs.adobe.com/security/2008/12/acrobat_9_and_password_encrypt.html
- http://www.elcomsoft.com/PR/apdfpr_081126_en.pdf
- http://www.elcomsoft.com/PR/apdfpr_081126_en.pdf
- http://www.securityfocus.com/bid/32610
- http://www.securityfocus.com/bid/32610