CVE-2007-5405

Published Apr 10, 2008

Last updated 6 years ago

CVSS info 9.3

Overview

Description: Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag.
Source: PSIRT-CNA@flexerasoftware.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:activepdf:docconverter:3.8.2_.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D165E31-F294-4F7E-959F-7AFE69AF90A1"
          },
          {
            "criteria": "cpe:2.3:a:activepdf:docconverter:3.8.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4286B71-18BA-4BC0-9E2C-6D00A24974E3"
          },
          {
            "criteria": "cpe:2.3:a:autonomy:keyview:2.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6634684-2416-4A5C-A5C7-B1E946B33419"
          },
          {
            "criteria": "cpe:2.3:a:autonomy:keyview:10.3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "589D3BC2-ED1F-4C5B-8F94-67AE1909580D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D"
          },
          {
            "criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70"
          },
          {
            "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836"
          },
          {
            "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729"
          },
          {
            "criteria": "cpe:2.3:a:symantec:mail_security:7.5:*:domino:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D29BE63-3E26-4136-BAB1-AA3D50BA71F5"
          },
          {
            "criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CA92128-13DD-47D8-8822-23C4CDDFB715"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References