As promised, the company sent out a security advisory on Tuesday with fixes for the vulnerability, and also patched a second flaw affecting Unix only. Security firm Secunia gave the flaws a "highly critical" ranking.
Adobe acknowledged that proof-of-concept code was circulating for the flaws on 27 April. The code was first released on the Linux security website Packetstorm.
However, Adobe said in a blog post on Tuesday that it was not aware of any attacks actively exploiting the proof-of-concept code.
Both bugs could be exploited via a specially crafted PDF file to crash the affected applications or take control of a user's system, Adobe said in its advisory.
The bugs affect Reader 9.1 and Acrobat 9.1, as well as earlier versions, Adobe said. The company has fixed the issues in Acrobat and Reader versions 9.1.1, 8.1.5 and 7.1.2. The updates are available via Adobe's advisory.