CVE-2007-5405

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Notes; Mail Security Appliance; Mail Security; Keyview
Vendor: CVE Published:; 10 April 2008

Summary

Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag.

References

http://secunia.com/advisories/28140

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/29342

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/secunia_research/2007-97/advisory/

x_refsource_MISC

EPSS Score

65% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 10, 2008
Vulnerability Reserved
Oct 12, 2007