Stack-based Buffer Overflow in Autonomy KeyView Product
CVE-2007-6020

Currently unrated

Key Information:

Vendor
IBM
Status
Lotus Notes
Mail Security Appliance
Mail Security
Keyview
Vendor
CVE Published:
10 April 2008

Summary

The Folio Flat File speed reader in Autonomy KeyView version 10.3.0.0 and associated products contains multiple stack-based buffer overflow vulnerabilities in the foliosr.dll file. These vulnerabilities can be exploited by remote attackers to execute arbitrary code when processing malicious .fff files containing excessively long attribute values in specific tags. Products affected include IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, making it crucial for users to patch or secure their systems against potential exploitation.

References

http://secunia.com/advisories/28140
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/secunia_research/2007-106/advisory/
x_refsource_MISC
http://secunia.com/advisories/29342
third-party-advisoryx_refsource_SECUNIA

EPSS Score

47% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.