Stack-based Buffer Overflow in Autonomy KeyView Viewer for Various Products
CVE-2007-5910

Currently unrated

Key Information:

Vendor: Symantec
Status: Mail Security; Lotus Notes; Keyview Viewer Sdk; Docconverter
Vendor: CVE Published:; 10 November 2007

Summary

A stack-based buffer overflow exists in Autonomy KeyView Viewer, affecting several software products including ActivePDF DocConverter and IBM Lotus Notes. This vulnerability can allow remote attackers to execute arbitrary code by manipulating crafted WordPerfect (WPD) files. The flaw is present in versions prior to 9.2.0.12 of the KeyView Viewer and can put users at risk by exposing them to malicious files that exploit this weakness.

References

http://vuln.sg/lotusnotes702wpd-en.html

x_refsource_MISC

http://securityreason.com/securityalert/3357

third-party-advisoryx_refsource_SREASON

http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21...

x_refsource_CONFIRM

EPSS Score

30% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 10, 2007
Vulnerability Reserved
Nov 9, 2007