Lucene search

[email protected]CVE-2007-5910

HistoryNov 10, 2007 - 2:46 a.m.

CVE-2007-5910

2007-11-1002:46:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-5910

autonomy

keyview viewer

filter

export sdk

buffer overflow

security vulnerability

remote code execution

wordperfect

wpd file

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.035 Low

EPSS

Percentile

91.6%

JSON

Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file.

CPENameOperatorVersion
symantec:mail_securitysymantec mail securityeq5.0.1
ibm:lotus_notesibm lotus notesle7.0.2
autonomy:keyview_viewer_sdkautonomy keyview viewer sdkle9.2.0
symantec:mail_securitysymantec mail securityeq5.0.0.24
symantec:mail_securitysymantec mail securityeq7.5
activepdf:docconverteractivepdf docconvertereq3.8.2_.5
symantec:mail_securitysymantec mail securityeq5.0
autonomy:keyview_filter_sdkautonomy keyview filter sdkle9.2.0
autonomy:keyview_export_sdkautonomy keyview export sdkle9.2.0
symantec:mail_securitysymantec mail securityeq5.0.0

CPE	Name	Operator	Version
symantec:mail_security	symantec mail security	eq	5.0.1
ibm:lotus_notes	ibm lotus notes	le	7.0.2
autonomy:keyview_viewer_sdk	autonomy keyview viewer sdk	le	9.2.0
symantec:mail_security	symantec mail security	eq	5.0.0.24
symantec:mail_security	symantec mail security	eq	7.5
activepdf:docconverter	activepdf docconverter	eq	3.8.2_.5
symantec:mail_security	symantec mail security	eq	5.0
autonomy:keyview_filter_sdk	autonomy keyview filter sdk	le	9.2.0
autonomy:keyview_export_sdk	autonomy keyview export sdk	le	9.2.0
symantec:mail_security	symantec mail security	eq	5.0.0

References

secunia.com/advisories/27304

securityreason.com/securityalert/3357

securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html

securitytracker.com/id?1018853

securitytracker.com/id?1018886

vuln.sg/lotusnotes702-en.html

vuln.sg/lotusnotes702wpd-en.html

www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111

www.securityfocus.com/archive/1/482664

www.securityfocus.com/bid/26175

www.vupen.com/english/advisories/2007/3596

www.vupen.com/english/advisories/2007/3697

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.035 Low

EPSS

Percentile

91.6%

JSON

Related for CVE-2007-5910

saint4 prion2 cve1 nessus1