Adobe Acrobat/Reader security problem.
Digital Signature for Adobe Acrobat/Reader plug-in can be Forged.
Get the details here.
Adobe Acrobat Reader supports plug-ins, i.e. additional modules that extend the functionality of Adobe Acrobat and Adobe Acrobat Reader; plug-ins SDK and plug-ins certification (signing) mechanism are provided. By design, Adobe Acrobat (and Reader) should load only digitally signed plug-ins, while the key (for signing) is provided by Adobe itself -- to developers who has signed a special agreement with Adobe. Besides, some plug-ins is signed by Adobe using their own private Key, and there is a 'trusted' mode in Acrobat, when only Adobe-certified plug-ins is being loaded.