Well, hot on the heals of Microsoft Patch Tuesday as we now know comes Adobe Patch Tuesday.
Guy has already kindly alerted us to the Cold Fusion vulnerability announced in apsa13-01 but we also need to highlight apsa13-02 which was also released on the 8th.
This covers a huge number of CVEs (27 if you need to know) and most of which could lead to code execution using a variety of techniques including use-after-free, integer, heap and stack over flows.
However, as we know other PDF readers are available and Foxitis quiet often what security minded people have installed. However there is also announced this week an as yet un-patched vulnerability discovered by Andrea Micalizzii inFoxit Reader 5.x, and Foxit Reader 2.x Plugin for which the exploit code is publicly available. This has reportedly been tested against versionFoxit Reader 5.4.4.1128 which is what is available for download as of today.
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.