Extremely critical vulnerability in PDF reader
It is already being actively exploited by criminals.
Adobe has been made aware of a vulnerability in its PDF products, Acrobat and Reader, which is already being exploited by malicious parties.
According to the security firm Secunia, the vulnerability is due to an error in font parsing in the CoolType.dll library in the Windows version of the software, but Adobe says that the vulnerability is not operating-system dependent. It is present in all versions of Adobe Reader and Acrobat, version 9.3.4 and earlier.
A specially crafted PDF file triggers a stack-based buffer overflow that causes the software to crash, which could give the attacker full access to the system. This PDF file can be delivered to the user as an e-mail attachment or via a website.
















