News of a significant security vulnerability in earlier versions of Adobe Reader and Acrobat has come to light.
The vulnerability exists in nearly any browser with the Acrobat Reader plug-in installed and allows malicious Javascript code to be injected on the client side.
Possible attacks that could be delivered using the flaw include session riding, cross-site scripting attacks and, in the case of Internet Explorer, denial of service attacks.