A buffer overflow in Adobe Reader allows for code execution when a user
opens a malicious PDF file.
Adobe will be releasing updates to v9 on March 11, 2009. Version 8 and
7 patches will follow soon after.
file to inject its payload into the heap.
Adobe Reader, which will prevent code execution, but not crashing
available to avoid this exploit.
Adobe is talking to anti-virus vendors about a signature to catch
malicious PDFs of this type.