Originally posted by uid313
View Post
Once the user opens a PDF attachment, its JS code runs in whatever PDF reader the user happens to have installed, and the security bounds aren't necessarily the same as those of the browser running JS code, potentially providing a new attack vector in the form of mail phishing + PDF attachments.
All that ovbiously has nothing to do with Firefox, but many commentors here didn't know JS code in PDF files already existed, so reading this article made them assume it was a Firefox invention opening up all sorts of zero day exploits.
Originally posted by uid313
View Post
Leave a comment: