The host is missing a critical security update according to Adobe advisory, APSB09-04. The update is required to fix a vulnerability. The flaws are present in the JavaScript API, which fails to handle getAnnots Doc method in the JavaScript API. Successful exploitation allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code.