Foxit PDF Reader Javascript File Write Remote Code Execution

A File Write Remote Code Execution vulnerability exists in the Foxit Reader. This vulnerability is due to The createDataObject Javascript API function allows for writing arbitrary files to the file system. A remote attacker could exploit this vulnerability by enticing a victim user to open a malicious pdf file using Foxit Reader.

from Check Point Update Services Advisories http://ift.tt/2CKn7qC