Probably not major, since nothing exploits it yet.
iDEFENSE discovered and reported this vulnerability to Adobe back in March. Adobe fixed the flaw in version 6.0.2, released 7 June 2004, but did not issue a vendor security advisory, merely refering to the issue as “Security update to further restrict malicious code execution.” in the change log.
The only way I could get to update Adobe Reader 6.0.1 to 6.0.2 was to click on the Updates option, whereupon it did a download and then required me to reboot to do the install. And that’s for a File Viewer!
Anyone else agree that this is another firm too big for its boots?
John
John. It seems as though Adobe 
has no clue about customer support. Many companies appear to get lost when they reach a certain size. 
