Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Hierdie gesprek is in die argief. Vra asseblief 'n nuwe vraag as jy hulp nodig het.

Does Firefox's internal pdf reader protect against malware?

oneironaut
oneironaut
more options

Does Firefox's internal pdf reader protect against potential damage or security breaches caused by maliciously crafted PDFs?

Does Firefox's internal pdf reader protect against potential damage or security breaches caused by maliciously crafted PDFs?

Gekose oplossing

Hi oneironaut, Firefox's internal PDF viewer (based on pdf.js) converts the PDF to HTML. There is a possibility that a PDF could be crafted to trigger some kind of vulnerability in that conversion code, but it would have to be a different kind of attack from ones affecting native applications like Adobe Reader/Acrobat or Apple Preview. Also, you may feel more comfortable knowing that if the PDF contains JavaScript for an Adobe application, that is disregarded by the pdf.js viewer.

Lees dié antwoord in konteks 👍 1

All Replies (1)

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 25 Contributor
more options

Gekose oplossing

Hi oneironaut, Firefox's internal PDF viewer (based on pdf.js) converts the PDF to HTML. There is a possibility that a PDF could be crafted to trigger some kind of vulnerability in that conversion code, but it would have to be a different kind of attack from ones affecting native applications like Adobe Reader/Acrobat or Apple Preview. Also, you may feel more comfortable knowing that if the PDF contains JavaScript for an Adobe application, that is disregarded by the pdf.js viewer.