Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5405

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-5405
Last Modified 07 Mar 2011 10:00:38
Published 10 Apr 2008 02:05:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5405

Summary

Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag.

Vulnerable Systems

Application

  • Activepdf Docconverter 3.8.2 .5

  • Activepdf Docconverter 3.8.4.0

  • Autonomy Keyview 10.3.0.0

  • Autonomy Keyview 2.0.0.2

  • Ibm Lotus Notes 6.0

  • Ibm Lotus Notes 6.5

  • Ibm Lotus Notes 7.0

  • Ibm Lotus Notes 7.0.2

  • Ibm Lotus Notes 7.0.3

  • Symantec Mail Security 5.0

  • Symantec Mail Security 5.0.0

  • Symantec Mail Security 5.0.1

  • Symantec Mail Security 7.5

  • Symantec Mail Security Appliance 5.0


References

XF - autonomy-keyview-applix-multiple-bo(41721)

VUPEN - ADV-2008-1156

VUPEN - ADV-2008-1154

VUPEN - ADV-2008-1153

CONFIRM - http://www.symantec.com/avcenter/security/Content/2008.04.08e.html

SECTRACK - 1019844

BID - 28454

BUGTRAQ - 20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities

BUGTRAQ - 20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities

BUGTRAQ - 20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities

BUGTRAQ - 20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities

CONFIRM - http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453

SECTRACK - 1019805

MISC - http://secunia.com/secunia_research/2007-98/advisory/

MISC - http://secunia.com/secunia_research/2007-97/advisory/

MISC - http://secunia.com/secunia_research/2007-96/advisory/

MISC - http://secunia.com/secunia_research/2007-95/advisory/

SECUNIA - 29342

SECUNIA - 28210

SECUNIA - 28209

SECUNIA - 28140

SECUNIA - 27763


Last Updated: 27 May 2016 10:46:10