iDefense Security Advisory 09.13.11 - Remote exploitation of a use after free vulnerability in Adobe Systems Inc.'s Reader could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing a JPEG file embedded inside a PDF file. When processing specific JPEG markers, Adobe Reader creates an object on the stack and keeps a pointer to that object in another place. The pointer is later dereferenced after the object on the stack becomes invalid. This can lead to the execution of arbitrary code.
98246f4d76ea0a617b57b64ceace44db1008e3811fb8221ea6c9acf39959a89e