Adobe recently released the Adobe Reader and Acrobat JavaScript Blocklist Framework. The official document put out by Adobe says: the “JavaScript Blocklist can be in two locations” on a 32-bit Windows system. As of today, there isn’t an official list of Adobe Javascript API functions to block, but I’d suggest adding the following to your blocklist just because these functions have been heavily exploited in the past several months: Util.printf ( CVE-2008-2992) Collab.getIcon (CVE-2009-0927)”]
Source: https://blog.talosintelligence.com/2010/01/acrobat-javascript-blacklist-framework.html