Adobe Reader is prone to an unspecified vulnerability that could allow for remote code execution. Members of the computer security community have observed an exploit targeting Adobe Reader X and Adobe Reader XI being used by the Blackhole exploit kit, which is used to distribute various strains of malware including Zeus, SpyEye, Carberp, and Citadel.
Adobe has stated that it has not verified this vulnerability and is in the process of investigating the claim. According to researchers at Group-IB, this vulnerability allows the sandbox feature in Adobe Reader to be bypassed. Group-IB also states that the exploit does not fully work until a user closes Adobe Reader or a web browser using the Adobe Reader plugin.
Successful exploitation could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Failed exploit attempts will likely cause denial-of-service conditions.