[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

95906

 
 

909

 
 

77982

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-5909

Date: (C)2007-11-09   (M)2015-12-16
 
CVSS Score: 9.3Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE











Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910.

Reference:
SECTRACK-1018853
SECTRACK-1018886
http://www.securityfocus.com/archive/1/482664
http://www.securityfocus.com/archive/1/archive/1/483102/100/0/threaded
BID-26175
SECUNIA-27304
SREASON-3357
ADV-2007-3596
ADV-2007-3697
http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html
http://vuln.sg/lotusnotes702-en.html
http://vuln.sg/lotusnotes702doc-en.html
http://vuln.sg/lotusnotes702mif-en.html
http://vuln.sg/lotusnotes702sam-en.html
http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111
http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21272836
http://www.zerodayinitiative.com/advisories/ZDI-07-059.html

CPE    1
cpe:/a:ibm:lotus_notes:7.0.2
CWE    1
CWE-119

© 2013 SecPod Technologies