This makes room for the attackers to abuse the vulnerability via a PDF file.
They can open a PDF secretly off-screen with help of CSS and execute the malicious code.
Its similar to exploit kits like Angler or Neutrino deliver Flash, Java, or Silverlight payloads.
source: www.techworm.net
