[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

247213

 
 

909

 
 

194329

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-5909Date: (C)2007-11-09   (M)2023-12-22


Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1018853
SECTRACK-1018886
http://www.securityfocus.com/archive/1/482664
http://www.securityfocus.com/archive/1/483102/100/0/threaded
BID-26175
SECUNIA-27304
SREASON-3357
ADV-2007-3596
ADV-2007-3697
http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html
http://vuln.sg/lotusnotes702-en.html
http://vuln.sg/lotusnotes702doc-en.html
http://vuln.sg/lotusnotes702mif-en.html
http://vuln.sg/lotusnotes702sam-en.html
http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111
http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21272836
http://www.zerodayinitiative.com/advisories/ZDI-07-059.html

CPE    4
cpe:/a:autonomy:keyview_filter_sdk
cpe:/a:autonomy:keyview_export_sdk
cpe:/a:ibm:lotus_notes
cpe:/a:autonomy:keyview_viewer_sdk
...
CWE    1
CWE-119

© SecPod Technologies