Stack-based Buffer Overflow in Autonomy KeyView Product
CVE-2007-6020

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Notes; Mail Security Appliance; Mail Security; Keyview
Vendor: CVE Published:; 10 April 2008

What is CVE-2007-6020?

The Folio Flat File speed reader in Autonomy KeyView version 10.3.0.0 and associated products contains multiple stack-based buffer overflow vulnerabilities in the foliosr.dll file. These vulnerabilities can be exploited by remote attackers to execute arbitrary code when processing malicious .fff files containing excessively long attribute values in specific tags. Products affected include IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, making it crucial for users to patch or secure their systems against potential exploitation.

References

http://secunia.com/advisories/28140

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/secunia_research/2007-106/advisory/

x_refsource_MISC

http://secunia.com/advisories/29342

third-party-advisoryx_refsource_SECUNIA

EPSS Score

41% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 10, 2008
Vulnerability Reserved
Nov 19, 2007