Gentoo Linux Security Advisory GLSA 200803-01:04 - Adobe Acrobat Reader is vulnerable to remote code execution, Denial of Service, and cross-site request forgery attacks. Versions less than 8.1.2 are affected.
3b620d56e2d1802267a0433a31893c83d5b29b6e044a17c553f561841201749d
iDefense Security Advisory 02.08.08 - Remote exploitation of an insecure method exposed by the JavaScript library in Adobe Reader and Acrobat could allow an attacker to execute arbitrary code as the current user. Adobe Reader and Acrobat implement a version of JavaScript in the EScript.api plug-in which is based on the reference implementation used in Mozilla products. One of the methods exposed allows direct control over low level features of the object, which in turn allows execution of arbitrary code. iDefense has confirmed this vulnerability exists in Adobe Reader 8.1 on Windows XP SP2. It is likely that other Adobe products that handle PDF files, including previous versions of Adobe Reader, are also affected.
dbaad2878fa40c352148186c8e60fdaec85df78c429b573508d0ec0a58af0de5