From secunia security advisory at $URL:
The vulnerability is caused due to an unspecified error when handling U3D data. No further information is currently available.
The vulnerability is reported in:
* Adobe Reader versions 9.4.6 and prior for Windows, Macintosh, and UNIX.
Do not open untrusted PDF files. A fix is scheduled to be released for Adobe Reader and Acrobat 9.x for Windows in the week of December 12, 2011.
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat
10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through
9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a
denial of service (memory corruption) via unknown vectors, as exploited in
the wild in December 2011.
Adobe has released reader 9.4.7 for linux.
Please bump; thanks!
*** Bug 398303 has been marked as a duplicate of this bug. ***
Just bumped to app-text/acroread-9.4.7 (english only, same as 9.4.6).
It might be a good idea to fast-stabilize that (missing localization does not
really count with that list of CVE's).
Please ignore the repoman warning (there is no src_prepare, and just starting
one for the sed call does not make sense).
Arches, please test and mark stable:
Target keywords : "amd64 x86"
x86: is ok
added to existing glsa request
Thanks everyone. Vulnerable version has been removed from the tree.
This issue was resolved and addressed in
GLSA 201201-19 at http://security.gentoo.org/glsa/glsa-201201-19.xml
by GLSA coordinator Alex Legler (a3li).
Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat
9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on
Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS
X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to
execute arbitrary code or cause a denial of service (memory corruption) via
unknown vectors, as exploited in the wild in December 2011.