Vulnerability resides in implementation of JavaScript APIs on Adobe Reader 11.2 that could be exploited to execute arbitrary code within Adobe Reader. 400 million Android users should immediately update their app from Google Play Store. Cyber criminals can use phishing attacks or Facebook Spam to take advantage of such vulnerabilities. Researchers also published a crafted PDF file as Proof of Concept, to demonstrate the vulnerability. Successful exploitation could allow a malicious attacker to access your important files stored on the Device SD card. The vulnerability was discovered by security researcherof, claimed that an attacker can create a specially crafted PDF.
Source: https://thehackernews.com/2014/04/update-adobe-reader-app-for-android-to_15.html