It was discovered that a buffer overflow in the MuPDF viewer might lead to the execution of arbitrary code. For the stable distribution (wheezy), this problem has been fixed in version 0.9-2+deb7u2.