CVE-2007-5406

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Notes; Mail Security; Keyview
Vendor: CVE Published:; 10 April 2008

Summary

kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file.

References

http://secunia.com/advisories/28140

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/29342

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/secunia_research/2007-97/advisory/

x_refsource_MISC

EPSS Score

41% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 10, 2008
Vulnerability Reserved
Oct 12, 2007