Denial of Service Vulnerability in Applix Presents Reader by Autonomy Affecting Multiple Products
CVE-2007-5406

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Notes; Mail Security; Keyview
Vendor: CVE Published:; 10 April 2008

What is CVE-2007-5406?

The Applix Presents reader from Autonomy, specifically the kpagrdr.dll versions 2.0.0.2 and 10.3.0.0, is susceptible to a denial of service attack due to improper parsing of long tokens in crafted .ag files. This vulnerability can be exploited by remote attackers to cause excessive CPU and memory consumption, potentially disrupting service availability across applications like IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter.

References

http://secunia.com/advisories/28140

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/29342

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/secunia_research/2007-97/advisory/

x_refsource_MISC

EPSS Score

25% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 10, 2008
Vulnerability Reserved
Oct 12, 2007