Use-after-free RCE in Adobe Acrobat

Small single-script exploit repository containing a Python PDF generator for CVE-2020-9715. The repo has 4 files: metadata/support files (`.gitignore`, `LICENSE`), documentation (`README.md`), and one executable script (`generate_poc.py`). The Python script builds a minimal PDF from scratch using a custom `PDFObject` class, then embeds a dummy file object, registers it in the PDF `EmbeddedFiles` name tree under the ANSI name `poc_data`, and sets a JavaScript `OpenAction` so the payload runs automatically when the PDF is opened. The exploit capability is limited to proof-of-concept triggering of Adobe Reader's ESObject cache use-after-free. The generated JavaScript first accesses `this.dataObjects` to create/cache the ESObject, nulls the reference, performs repeated allocations to encourage garbage collection, sprays the heap with many `ArrayBuffer` objects filled with `0x41414141`, and then re-accesses `this.dataObjects[0]` to dereference a stale pointer. This is intended to reproduce the vulnerability pattern and generate EDR-detectable behavior or a crash. There is no weaponized payload, no shellcode, no network communication, and no persistence or lateral movement logic. No external network endpoints, URLs, IPs, or domains are contacted by the code. The only fingerprintable artifacts are local/file-level indicators inside the generated PDF and script behavior: the output filename `CVE-2020-9715.pdf`, the embedded file name `poc_data`, the PDF structures `/EmbeddedFiles`, `/OpenAction`, and the Acrobat JavaScript timer call `app.setTimeOut("triggerUAF()", 500)`. Overall, this repository is a focused local file-based PoC generator for EDR validation against a known Adobe Reader UAF exploitation pattern.