Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5910

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-5910
Last Modified 07 Mar 2011 10:01:29
Published 09 Nov 2007 09:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5910

Summary

Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file.

Vulnerable Systems

Application

  • Activepdf Docconverter 3.8.2 .5

  • Autonomy Keyview Export Sdk 9.2.0

  • Autonomy Keyview Filter Sdk 9.2.0

  • Autonomy Keyview Viewer Sdk 9.2.0

  • Ibm Lotus Notes 7.0.2

  • Symantec Mail Security 5.0

  • Symantec Mail Security 5.0.0

  • Symantec Mail Security 5.0.0.24

  • Symantec Mail Security 5.0.1

  • Symantec Mail Security 7.5


References

SECUNIA - 27304

VUPEN - ADV-2007-3697

VUPEN - ADV-2007-3596

BID - 26175

BUGTRAQ - 20071023 [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities

CONFIRM - http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111

MISC - http://vuln.sg/lotusnotes702wpd-en.html

MISC - http://vuln.sg/lotusnotes702-en.html

SECTRACK - 1018886

SECTRACK - 1018853

CONFIRM - http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html

SREASON - 3357


Last Updated: 27 May 2016 10:46:18