The vulnerability was initially referenced in the news thread (McAfee spots Adobe Reader PDF-tracking flaw) last Monday. The post at the McAfee Labs Blog provides some additional details.

Tracking PDF Usage Poses a Security Problem

Friday, April 26, 2013 by Haifei Li

Update on May 2
Adobe has confirmed this vulnerability and has scheduled a patch release for May 14.

Recently, we detected some unusual PDF samples. After some investigation, we successfully identified that the samples are exploiting an unpatched security issue in every version of Adobe Reader including the latest "sandboxed" Reader XI (11.0.2). Although the issue is not a serious problem (such as allowing code execution), it does let people track the usage of a PDF. Specifically, it allows the sender to see when and where the PDF is opened.

The vulnerability

When a specific PDF JavaScript API is called with the first parameter having a UNC-located resource, Adobe Reader will access that UNC resource. However, this action is normally blocked and creates a warning dialog asking for permission, such as we see below: [Screesnshot]

The danger is that if the second parameter is provided with a special value, it changes the API's behavior. In this situation, if the UNC resource exists, we see the warning dialog. However, if the UNC resource does not exist, the warning dialog will not appear even though the TCP traffic has already gone.

Continued here: