The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Reader | Adobe | 8.1.4 (including) | 8.1.4 (including) |
Reader | Adobe | 9.1 (including) | 9.1 (including) |