A bare bones note posted to TippingPoint's upcoming advisories page provides a stark warning:
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Adobe software. User interaction is required to exploit this vulnerability.
The company did not identify the vulnerable Adobe product but it's a safe bet this is a bug affecting either Adobe Reader or Adobe Acrobat (or both).
[ SEE: Attack of the PDFs ]
The latest discovery follows an in-the-wild malware attack that used rigged PDF files to exploit a hole in Adobe Reader.
So far this year, Adobe has issued a total of 18 security bulletins with patches for a wide range of software vulnerabilities.