Accessibility

Support Knowledgebase

Issues addressed by the Acrobat 6.0.2 update and the Adobe Reader 6.0.2 update

This update fixes a number of problems discovered after Adobe Acrobat 6.0 and Adobe Reader 6.0 were released. This update applies to Acrobat 6.0.1 Standard, Acrobat 6.0.1 Professional, and Adobe Reader 6.0.1. It does not apply to Acrobat Elements 6.0.

You can download the Acrobat 6.0.2 and Adobe Reader 6.0.2 update from the Adobe website at www.adobe.com/support/downloads.

Some of the issues addressed in this update involve technical details relating to the Adobe XML architecture. For more information about how Adobe uses and enhances this technology, please visit the Adobe website at www.adobe.com/enterprise/xml.html .

This update includes fixes to potential vulnerabilities reported on the Common Vulnerabilities and Exposures (CVE) list under the following candidate numbers:

-- CAN-2004-0629 - Adobe Acrobat ActiveX Control Buffer Overflow

-- CAN-2004-0632 - Adobe Reader 6.0 Filename Handler Buffer Overflow

Some Internet articles note that Adobe Reader 6.0.2 can crash if malicious code is written to try to exploit this vulnerability. While Adobe Reader 6.0.2 may unexpectedly exit when a malicious file is opened, no damage results to the user's system, nor is there any other security-related impact. It is important to note that the 6.0.2 update does address the vulnerabilities reported above.

At this time, there are no known viruses, worms, or other active security exploits taking place in Acrobat or Adobe Reader. These updates proactively fortify our products before such exploits occur.

The following table lists the issues addressed by the Acrobat 6.0.2 update and Adobe Reader 6.0.2.

Platform
Category
Issue addressed
Windows, Mac OS
Data Exchange
Bar code-enabled forms properly generate 2D bar codes.
Windows
Security
Security update to further restrict malicious code execution.
Windows, Mac OS
Data Exchange
Support for forms generated by Adobe Designer 6.0 and deployed by Form Server 6.0 and Reader Extensions Server 6.0 that use Adobe's XML Forms architecture.
Windows, Mac OS
Data Exchange
The XML Forms Architecture plug-in has been updated so that forms with JavaScript-based intelligence work properly.
Windows, Mac OS
Data Exchange
Support for XML Data Package (XDP) files that are not based on XML Forms.
Windows, Mac OS
Data Exchange
PDF data in XDP files is correctly exposed to XML agents. This document metadata (information about the document, author, and workflow) facilitates integration with enterprise systems.
Windows, Mac OS
Data Exchange
Performance issues fixed around opening, submitting, importing or exporting XDP files.
Windows, Mac OS
Accessibility
Hidden fields created with Adobe Designer 6.0 no longer cause screen readers to fail in some cases.

For more information about industry efforts to identify actual and potential security vulnerabilities, please see www.cve.mitre.org .

This organization publishes the CVE list, and the candidate vulnerability identifiers used above (CANN-2004-xxx) are assigned by the CVE to track these specific issues.


Related Documents

Document 330527
Last edited - 06/27/2005

 

Got Some Time to Take a Survey?

Tell us what you think about this support site.