Adobe’s widespread Acrobat DC PDF reader and editor is no stranger to bugs or holes that allow malicious hackers entry to your system. The latest, discovered by the Cisco Talos team, is one of several that together allow hidden Javascript code in a file to execute when you open it.

More technically:  

A specific Javascript script embedded in a PDF file can cause the document ID field to be used in an unbounded copy operation leading to stack-based buffer overflow when opening a specially crafted PDF document in Adobe Acrobat Reader DC 2018.009.20044. This stack overflow can lead to return address overwrite which can result in arbitrary code execution. In order to trigger this vulnerability, the victim would need to open the malicious file or access a malicious web page.

Basically, it allows someone to overload one of Acrobat’s metadata fields, causing an error that allows it to overwrite a bit of programming to run their own.