This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe's Acrobat Reader. User interaction is required in that the victim must be coerced into opening a malicious document or visiting a malicious URL.
The specific flaw exists within the parsing of embedded fonts inside a PDF document. Upon parsing particular tables out of a font file the application will miscalculate an index used for seeking into a buffer. Later the application will begin to copy data into the calculated pointer corrupting the referenced data structure. Successful exploitation will lead to code execution under the context of the application.