Vulnerability CVE-2007-5909


Published: 2007-11-09   Modified: 2012-02-12

Description:
Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910.

See advisories in our WLB2 database:
Topic
Author
Date
High
IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities
Tan Chew Keong
11.11.2007

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

Vendor: Autonomy
Product: Keyview filter sdk 
Version: 9.2.0;
Product: Keyview export sdk 
Version: 9.2.0;
Product: Keyview viewer sdk 
Version: 9.2.0;
Vendor: Symantec
Product: Mail security 
Version:
7.5
5.0.1
5.0.0.24
5.0.0
5.0
Vendor: IBM
Product: Lotus notes 
Version: 7.0.2;
Vendor: Activepdf
Product: Docconverter 
Version: 3.8.2_.5;

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9.3/10
10/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://securityreason.com/securityalert/3357
http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html
http://securitytracker.com/id?1018853
http://securitytracker.com/id?1018886
http://vuln.sg/lotusnotes702-en.html
http://vuln.sg/lotusnotes702doc-en.html
http://vuln.sg/lotusnotes702mif-en.html
http://vuln.sg/lotusnotes702sam-en.html
http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111
http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21272836
http://www.securityfocus.com/archive/1/482664
http://www.securityfocus.com/archive/1/483102/100/0/threaded
http://www.securityfocus.com/bid/26175
http://www.vupen.com/english/advisories/2007/3596
http://www.vupen.com/english/advisories/2007/3697
http://www.zerodayinitiative.com/advisories/ZDI-07-059.html

Related CVE
CVE-2007-6020
Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute...
CVE-2007-5910
Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows...
CVE-2007-5397
Heap-based buffer overflow in the activePDF Server service (aka APServer.exe) in activePDF Server 3.8.4 and 3.8.5.14, and possibly other versions before 3.8.6.16, allows remote attackers to execute arbitrary code via a packet with a size field that i...
CVE-2007-5405
Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbit...

Copyright 2019, cxsecurity.com

 

Back to Top