CVE-2009-1492

The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code that calls this method with crafted integer arguments.

Date published : 2009-04-30

http://www.securityfocus.com/bid/34736

http://www.us-cert.gov/cas/techalerts/TA09-133B.html