Bug fixing
- Fixed an issue where Foxit Reader PDF Printer in version 8.3.1 failed to print certain items normally.
- Addressed a potential issue where when the application is not running in Safe-Reading-mode, it could be exposed to command injection vulnerability with abusing the app.launchURL JavaScript call to execute a local program. (ZDI-CAN-4724)
- Addressed a potential issue where when the application is not running in Safe-Reading-Mode, it could be exposed to an Arbitrary File Write vulnerability with abusing the this.saveAs function call to drop a file to the local file system. (ZDI-CAN-4518)
- Addressed a potential issue where when the application is not running in Safe-Reading-Mode, it could be exposed to an Arbitrary Write vulnerability with abusing the createDataObject function call to create arbitrary executable file in the local file system.
- Addressed a potential issue where when the application is not running in Safe-Reading-Mode, it could be exposed to command injection vulnerability with abusing the xfa.host.gotoURL function call to open arbitrary executable file. (ZDI-CAN-5030)
|
