Results 1 to 1 of 1
  1. #1
    Star Lounger
    Join Date
    Dec 2011
    Thanked 4 Times in 4 Posts

    Security concern? Foxit PDF Reader (inside Evernote) allows JS scripts?

    When I read a PDF (stored as a Note inside Evernote) ,
    Evernote pops up an info window,
    saying it's using its built-in FOXIT PDF Reader inside Evernote,
    to render the PDF.

    That's OK...

    But....what if the PDF (stored and rendered inside Evernote),
    contains an embeded, malicious JS script,
    and the JS script gets executed
    by the Foxit Reader, inside Evernote?

    For my local PDF files (in my HD),
    I read PDF files with:
    Sumatra PDF Reader or PDF-Xchange Reader,
    both with JS script execution TURNED OFF...


    Does the Foxit Reader (inside Evernote),
    have JS script execution TURNED OFF ?
    (while rendering a PDF file INSIDE the Evernote client version 3.1.0,1225).

    If it is not turned off,
    that would be a HUGE security risk
    in PDF rendering inside Evernote!.

    Is this a Security Risk?

    Thanks for any opinions or facts.

    Using Evernote client version 3.1.0,1225.
    (yes, I know - it's ancient, but it works for me...),
    with WIN-XP SP3 -32 bit.
    Last edited by SF99; 2013-02-28 at 06:17. Reason: add tags

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts