CVE-2022-26109

Name of the Vulnerable Software and Affected Versions SAP 3D Visual Enterprise Viewer version 9.0

Description The issue occurs when a user opens a manipulated Portable Document Format (.pdf, PDFView.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer. This causes the application to crash and become temporarily unavailable to the user until the application is restarted.

Recommendations For SAP 3D Visual Enterprise Viewer version 9.0, consider avoiding the use of the PDF parsing functionality until a patch is available. As a temporary workaround, restrict the opening of .pdf files from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.