The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code that calls this method with crafted integer arguments.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Acrobat | Adobe | 7.0 | 7.1.1 |
Acrobat | Adobe | 8.0 | 8.1.4 |
Acrobat | Adobe | 9.0 | 9.1 |