Foxit Reader prior to 10.0 allows Remote Command Execution via the app.opencPDFWebPage JavsScript API. An attacker can execute local files and bypass the security dialog.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
foxitsoftware foxit reader |