Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5406

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-5406
Last Modified 07 Mar 2011 10:00:38
Published 10 Apr 2008 02:05:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5406

Summary

kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file.

Vulnerable Systems

Application

  • Autonomy Keyview

  • Ibm Lotus Notes 6.0

  • Ibm Lotus Notes 6.5

  • Ibm Lotus Notes 7.0

  • Ibm Lotus Notes 8.0

  • Ibm Lotus Notes 8.0.1

  • Symantec Mail Security 5.0

  • Symantec Mail Security 5.0.0

  • Symantec Mail Security 5.0.1

  • Symantec Mail Security 7.5


References

XF - autonomy-keyview-applix-dos(41722)

VUPEN - ADV-2008-1156

VUPEN - ADV-2008-1154

VUPEN - ADV-2008-1153

SECTRACK - 1019844

BID - 28454

BUGTRAQ - 20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities

BUGTRAQ - 20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities

BUGTRAQ - 20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities

BUGTRAQ - 20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities

SECTRACK - 1019805

MISC - http://secunia.com/secunia_research/2007-98/advisory/

MISC - http://secunia.com/secunia_research/2007-97/advisory/

MISC - http://secunia.com/secunia_research/2007-96/advisory/

MISC - http://secunia.com/secunia_research/2007-95/advisory/

SECUNIA - 29342

SECUNIA - 28210

SECUNIA - 28209

SECUNIA - 28140

SECUNIA - 27763


Last Updated: 27 May 2016 10:46:10