Download the updated files applicable for your product's version.
Problem
Some security vulnerabilities that result in the following conditions are identified in FrameMaker 2020 release Update 4 and earlier, and FrameMaker 2019 release Update 8 and earlier:
- SVG File Parsing Heap-Based Buffer Overflow Remote Code Execution
- SVG File Parsing Use-After-Free Remote Code Execution
- SVG File Parsing Out-Of-Bounds Read Remote Code Execution
- Font Parsing Out-Of-Bounds Read Information Disclosure
For more information about these vulnerabilities, see Adobe Security Bulletin.
Solution
To resolve these issues, do the following:
-
Extract the contents of the ZIP file. The ZIP contains the following updated files:
FrameMaker (2019 release)
- CoolType.dll
- SVGRE.dll
- SVGExport.dll
- AdobeSVGAGM.dll
FrameMaker (2020 release)
- ACE.dll
- AGM.dll
- ARE.dll
- AdobePDFL.dll
- AdobeSVGAGM.dll
- BIB.dll
- BIBUtils.dll
- CoolType.dll
- pdfport.dll
- SVGRE.dll
- SVGExport.dll
- libeay32.dll
-
Navigate to the FrameMaker install location.
The default install location corresponding to your version of FrameMaker is:
FrameMaker (2019 release)
- 64-bit: C:\Program Files\Adobe\Adobe FrameMaker 2019
- 32-bit: C:\Program Files (x86)\Adobe\Adobe FrameMaker 2019
FrameMaker (2020 release)
- C:\Program Files\Adobe\Adobe FrameMaker 2020
- 64-bit: C:\Program Files\Adobe\Adobe FrameMaker 2019
-
Replace the existing files with the updated files you extracted in Step 2.
When you are prompted, click Yes to overwrite the existing files.
-
Launch FrameMaker.