CVE-2007-5405
Summary
| CVE | CVE-2007-5405 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2008-04-10 18:05:00 UTC |
| Updated | 2018-10-15 21:44:00 UTC |
| Description | Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag. |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Activepdf | Docconverter | 3.8.2_.5 | All | All | All |
| Application | Activepdf | Docconverter | 3.8.4.0 | All | All | All |
| Application | Activepdf | Docconverter | 3.8.2_.5 | All | All | All |
| Application | Activepdf | Docconverter | 3.8.4.0 | All | All | All |
| Application | Autonomy | Keyview | 10.3.0.0 | All | All | All |
| Application | Autonomy | Keyview | 2.0.0.2 | All | All | All |
| Application | Autonomy | Keyview | 10.3.0.0 | All | All | All |
| Application | Autonomy | Keyview | 2.0.0.2 | All | All | All |
| Application | Ibm | Lotus Notes | 6.0 | All | All | All |
| Application | Ibm | Lotus Notes | 6.5 | All | All | All |
| Application | Ibm | Lotus Notes | 7.0 | All | All | All |
| Application | Ibm | Lotus Notes | 7.0.2 | All | All | All |
| Application | Ibm | Lotus Notes | 7.0.3 | All | All | All |
| Application | Ibm | Lotus Notes | 6.0 | All | All | All |
| Application | Ibm | Lotus Notes | 6.5 | All | All | All |
| Application | Ibm | Lotus Notes | 7.0 | All | All | All |
| Application | Ibm | Lotus Notes | 7.0.2 | All | All | All |
| Application | Ibm | Lotus Notes | 7.0.3 | All | All | All |
| Application | Symantec | Mail Security | 5.0 | All | microsoft_exchange | All |
| Application | Symantec | Mail Security | 5.0.0 | All | smtp | All |
| Application | Symantec | Mail Security | 5.0.1 | All | smtp | All |
| Application | Symantec | Mail Security | 7.5 | All | domino | All |
| Application | Symantec | Mail Security | 5.0 | All | microsoft_exchange | All |
| Application | Symantec | Mail Security | 5.0.0 | All | smtp | All |
| Application | Symantec | Mail Security | 5.0.1 | All | smtp | All |
| Application | Symantec | Mail Security | 7.5 | All | domino | All |
| Application | Symantec | Mail Security Appliance | 5.0 | All | All | All |
| Application | Symantec | Mail Security Appliance | 5.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Lotus Notes Multiple Keyview Parsing Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | Vendor Advisory |
| Autonomy Keyview SDK Multiple Buffer Overflows - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | Vendor Advisory |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| 404 Not Found | CONFIRM | www.symantec.com | |
| activePDF DocConverter Applix Graphics Parsing Vulnerabilities - Secunia Research - Secunia | MISC | secunia.com | Vendor Advisory |
| Symantec Mail Security Applix Graphics Parsing Vulnerabilities - Secunia Research - Secunia | MISC | secunia.com | Vendor Advisory |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| IBM Lotus Notes Buffer Overflows in Applix Viewer Lets Remote Users Execute Arbitrary Code - SecurityTracker | SECTRACK | www.securitytracker.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Autonomy Keyview Applix Graphics Parsing Vulnerabilities - Secunia Research - Secunia | MISC | secunia.com | Vendor Advisory |
| IBM Potential security vulnerabilities in Lotus Notes file viewers for Applix Presents, Folio Flat File, HTML speed reader, KeyView and MIME - United States | CONFIRM | www-1.ibm.com | |
| Symantec Mail Security for Exchange Attachment Parsing Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| Lotus Notes Applix Graphics Parsing Vulnerabilities - Secunia Research - Secunia | MISC | secunia.com | Vendor Advisory |
| Autonomy KeyView Module Multiple Buffer Overflow Vulnerabilities | BID | www.securityfocus.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Symantec Mail Security Attachment Parsing Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| activePDF DocConverter Multiple Parsing Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | Vendor Advisory |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| SecurityTracker.com Archives - Symantec Mail Security Buffer Overflows in Autonomy KeyView Module Let Remote Users Execute Arbitrary Code | SECTRACK | securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.