Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system.

1) A memory corruption error exists in the bundled version of Adobe Flash Player.

For more information:
SA41434

2) Unspecified errors in the Linux based versions can be exploited to gain escalated privileges.

3) Input validation errors in the ActiveX control may allow code execution.

4) An error when parsing fonts may allow code execution.

5) An unspecified error can be exploited to corrupt memory.

6) An unspecified error can be exploited to corrupt memory.

7) An error when parsing images may allow code execution.

8) An integer overflow within ACE.dll when copying certain data while parsing an ICC stream can be exploited to cause a stack-based buffer overflow and may allow execution of arbitrary code.

9) An integer underflow within ACE.dll when parsing certain data in an ICC stream can be exploited to cause a heap-based buffer overflow and may allow execution of arbitrary code.

10) An unspecified error in the Macintosh based versions may allow code execution.

11) An input validation error when parsing images on the Macintosh platform may allow code execution.

12) An unspecified "prefix protocol handler" error may allow code execution.

13) An input validation error when parsing fonts may allow code execution.

14) A use-after-free error when parsing PAGES thumbnails can be exploited to use released memory via a specially crafted PDF file and may allow execution of arbitrary code.

15) An unspecified error can be exploited to corrupt memory.

16) An input validation error when parsing images may allow code execution.

17) Some errors in 3difr.x3d and AcroRd32.dll can be exploited to corrupt memory and may allow execution of arbitrary code.

18) An array-indexing error in the Macintosh based versions when parsing the "acrobat://" protocol handler parameters can be exploited to write a NULL byte outside the bounds of a buffer and may allow execution of arbitrary code.

19) A boundary error while processing certain file formats can be exploited to cause a stack-based buffer overflow and may allow execution of arbitrary code.

20) An unspecified error can be exploited to corrupt memory.

The vulnerabilities is reported in version 8.2.4 and prior and version 9.3.4 and prior.

Solution
Update to version 8.2.5 or 9.4.
Further details available to Secunia VIM customers

Provided and/or discovered by
1) Reported as a 0-day in Flash Player.
8-9) Sebastian Apelt via ZDI.
14) Ricardo Narvaja, Core Security Technologies.
17) Brett Gervasoni, Sense of Security.
18) Knud Erik Højgaard, nSense Vulnerability Research Team.
19) An anonymous person via ZDI.

The vendor also credits:
2) Red Hat Security Response Team.
3-7,13,20) Tavis Ormandy, Google Security Team.
10) James Quirk, Los Alamos, New Mexico.
11) Felipe Andres Manzano via iSIGHT Partners Global Vulnerability Partnership.
12) Billy Rios, Google Security Team.
15) Bing Liu, Fortinet's FortiGuard Labs.
16) Will Dormann, CERT.

Changelog
Further details available to Secunia VIM customers

Original Advisory
Adobe:
http://www.adobe.com/support/security/bulletins/apsb10-21.html
http://www.adobe.com/support/security/advisories/apsa10-03.html

Core Security Technologies (CORE-2010-0701):
http://www.coresecurity.com/content/adobe-acrobat-acrord23-reader-use-after-free

nSense (NSENSE-2010-001):
http://www.nsense.fi/advisories/nsense_2010_001.txt

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-10-191/
http://www.zerodayinitiative.com/advisories/ZDI-10-192/
http://www.zerodayinitiative.com/advisories/ZDI-10-193/

Sense of Security:
http://www.senseofsecurity.com.au/advisories/SOS-10-003.pdf

Other references
Further details available to Secunia VIM customers

Alternate/detailed remediation
Further details available in Customer Area

Deep Links
Links available to Secunia VIM customers