The vulnerability exists due to a boundary condition when handling Annotation objects. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.