The PDF viewer does not sufficiently sanitize PostScript calculator
functions, allowing malicious JavaScript to be injected through a crafted
PDF file. This JavaScript can then be run with the permissions of the PDF
viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and
Firefox < 60.