Michael Heinz

**Name of the Vulnerable Software and Affected Versions** APDFL.dll (affected versions not specified) **Description** The issue is related to a stack-based buffer overflow in the APDFL.dll, which can be triggered by parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. The vulnerability is associated with the JT2Go 3D viewer tool and the Teamcenter Visualization product lifecycle management system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** APDFL.dll (affected versions not specified) **Description** The issue is related to an out-of-bounds write past a fixed-length heap-based buffer in the APDFL.dll while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. The vulnerability is associated with the JT2Go 3D viewer tool and the Teamcenter Visualization product lifecycle management system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JT2Go (affected versions not specified) Teamcenter Visualization (affected versions not specified) **Description** The issue is related to a memory corruption vulnerability in the APDFL.dll library, which occurs when parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. **Recommendations** For JT2Go, consider disabling the use of the APDFL.dll library until a patch is available. For Teamcenter Visualization, restrict access to the APDFL.dll library to minimize the risk of exploitation. Avoid using the APDFL.dll library for parsing PDF files until the issue is resolved.