Added: 06/17/2010
CVE: CVE-2010-1297
BID: 40586
OSVDB: 65141
Adobe Reader is free software for viewing PDF documents.
A memory corruption vulnerability in **authplay.dll**
provided with Adobe Reader 9.3.2 and earlier 9.x versions allows command execution when a user opens a specially crafted PDF file that contains Shockwave Flash (SWF) content that calls the **newfunction()**
function with invalid parameters.
Apply the patches referenced in APSA10-01 when they become available. In the interim, follow the relevant directions for mitigating the vulnerability in Adobe Reader.
<http://secunia.com/advisories/40034>
Exploit works on Adobe Reader 9.3.0.
The user must open the exploit file in Adobe Reader.
Windows