Adobe Acrobat and Reader are prone to a remote code-execution vulnerability because the software fails to sufficiently sanitize user-supplied input.
An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application or crash the application, denying service to legitimate users.
The following applications are affected:
- Adobe Reader 8.0 through 8.1.2
- Adobe Reader 7.0.9 and prior
- Adobe Acrobat Professional, 3D and Standard 8.0 through 8.1.2
- Adobe Acrobat Professional, 3D and Standard 7.0.9 and prior
NOTE: This vulnerability may be related to the issue described in BID 29420 (Adobe Acrobat Reader Unspecified Remote Denial Of Service Vulnerability).