Adobe Acrobat and Adobe Reader fail to properly handle a specially crafted PDF file, which may allow a remote attacker to execute arbitrary code on a vulnerable system.
Adobe Acrobat and Adobe Reader are applications designed to create and view Portable Document Format (PDF) files. A specially crafted PDF file can cause heap memory corruption when it is opened in these applications. This memory corruption may allow an attacker to overwrite the contents of the EIP (Extended Instruction Pointer) register, thus gaining control of program execution flow. According to Adobe, the affected versions are:
Adobe Reader 7.0.8 and earlier versions
Adobe Acrobat Standard, Professional and Elements 7.0.8 and earlier versions
Adobe Acrobat 3D
A remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system.
Apply an update