Here are some URL's that can be used to demonstrate the Adobe Acrobat XSS vulnerability to people, and hopefully get them to patch.
- Short - http://tinyurl.com/yjeeoc
As an interesting aside, it seems Google has added the following HTTP header to requests for PDFs from their servers:
This forces PDFs to be opened outside of the browser. Nice work Google.