CVE-2009-1493

Name of the Vulnerable Software and Affected Versions: Adobe Reader versions 9.1, 8.1.4, 7.1.1, and earlier

Description: The issue allows remote attackers to cause a denial of service or execute arbitrary code via a PDF file that triggers a call to the customDictionaryOpen spell method with a long string in the second argument. This can lead to memory corruption.

Recommendations: For Adobe Reader versions 9.1, 8.1.4, 7.1.1, and earlier, consider disabling the customDictionaryOpen spell method in the JavaScript API as a temporary workaround until a patch is available. Restrict access to PDF files that could potentially trigger this method with a long string in the second argument to minimize the risk of exploitation.