Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption. Per: http://www.adobe.com/support/security/bulletins/apsb10-02.html
Affected software versions
Adobe Reader 9.2 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.2 and earlier versions for Windows and Macintosh Per: http://www.adobe.com/support/security/bulletins/apsb10-02.html
a memory corruption vulnerability that could lead to code execution (CVE-2009-3955).