Issues addressed by the Acrobat 6.0.2 update and the Adobe Reader 6.0.2 update
This update fixes a number of problems discovered after Adobe Acrobat 6.0 and Adobe Reader 6.0 were released. This update applies to Acrobat 6.0.1 Standard, Acrobat 6.0.1 Professional, and Adobe Reader 6.0.1. It does not apply to Acrobat Elements 6.0.
You can download the Acrobat 6.0.2 and Adobe Reader 6.0.2 update from the Adobe website at www.adobe.com/support/downloads.
Some of the issues addressed in this update involve technical details relating to the Adobe XML architecture. For more information about how Adobe uses and enhances this technology, please visit the Adobe website at www.adobe.com/enterprise/xml.html .
This update includes fixes to potential vulnerabilities reported on the Common Vulnerabilities and Exposures (CVE) list under the following candidate numbers:
-- CAN-2004-0629 - Adobe Acrobat ActiveX Control Buffer Overflow
-- CAN-2004-0632 - Adobe Reader 6.0 Filename Handler Buffer Overflow
Some Internet articles note that Adobe Reader 6.0.2 can crash if malicious code is written to try to exploit this vulnerability. While Adobe Reader 6.0.2 may unexpectedly exit when a malicious file is opened, no damage results to the user's system, nor is there any other security-related impact. It is important to note that the 6.0.2 update does address the vulnerabilities reported above.
At this time, there are no known viruses, worms, or other active security exploits taking place in Acrobat or Adobe Reader. These updates proactively fortify our products before such exploits occur.
The following table lists the issues addressed by the Acrobat 6.0.2 update and Adobe Reader 6.0.2.
| Platform | Category | Issue addressed |
| Windows, Mac OS | Data Exchange | Bar code-enabled forms properly generate 2D bar codes. |
| Windows | Security | Security update to further restrict malicious code execution. |
| Windows, Mac OS | Data Exchange | Support for forms generated by Adobe Designer 6.0 and deployed by Form Server 6.0 and Reader Extensions Server 6.0 that use Adobe's XML Forms architecture. |
| Windows, Mac OS | Data Exchange | The XML Forms Architecture plug-in has been updated so that forms with JavaScript-based intelligence work properly. |
| Windows, Mac OS | Data Exchange | Support for XML Data Package (XDP) files that are not based on XML Forms. |
| Windows, Mac OS | Data Exchange | PDF data in XDP files is correctly exposed to XML agents. This document metadata (information about the document, author, and workflow) facilitates integration with enterprise systems. |
| Windows, Mac OS | Data Exchange | Performance issues fixed around opening, submitting, importing or exporting XDP files. |
| Windows, Mac OS | Accessibility | Hidden fields created with Adobe Designer 6.0 no longer cause screen readers to fail in some cases. |
For more information about industry efforts to identify actual and potential security vulnerabilities, please see www.cve.mitre.org .
This organization publishes the CVE list, and the candidate vulnerability identifiers used above (CANN-2004-xxx) are assigned by the CVE to track these specific issues.
This content requires Flash
To view this content, JavaScript must be enabled, and you need the latest version of the Adobe Flash Player.
Download the free Flash Player now!
