Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:C17495B95A9FCCE21BD8257116554AD2
HistoryJun 06, 2008 - 12:00 a.m.

Lotus Notes Applix Graphics viewer BEGIN tag buffer overflow

2008-06-0600:00:00
SAINT Corporation
my.saintcorporation.com
16

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.891 High

EPSS

Percentile

98.7%

JSON

Added: 06/06/2008
CVE: CVE-2007-5405
BID: 28454
OSVDB: 44194

Background

Lotus Notes is the client for Lotus Domino servers. Lotus Notes uses the Autonomy KeyView library to display Applix Graphics (**.ag**) attachments.

Problem

A buffer overflow vulnerability when parsing the initial BEGIN tag in an Applix Graphics file allows command execution when a user opens a specially crafted attachment.

Resolution

Apply the fix referenced in the IBM Technote.

References

<http://secunia.com/secunia_research/2007-96/advisory/&gt;

Limitations

Exploit works on Lotus Notes 8.0 and requires a user to open an e-mail attachment using the affected software.

Platforms

Windows

Related

checkpoint_advisories 1
saint 3
prion 1
cve 1
cvelist 1
securityvulns 4
nessus 2
checkpoint_advisories
checkpoint_advisories
IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (CVE-2007-5405)
2010-07-27 00:00:00
saint
saint
Lotus Notes Applix Graphics viewer BEGIN tag buffer overflow
2008-06-06 00:00:00
Lotus Notes Applix Graphics viewer BEGIN tag buffer overflow
2008-06-06 00:00:00
Lotus Notes Applix Graphics viewer BEGIN tag buffer overflow
2008-06-06 00:00:00
prion
prion
Buffer overflow
2008-04-10 18:05:00
cve
cve
CVE-2007-5405
2008-04-10 18:05:00
cvelist
cvelist
CVE-2007-5405
2008-04-10 18:00:00
securityvulns
securityvulns
Secunia Research: activePDF DocConverter Applix Graphics Parsing Vulnerabilities
2008-04-15 00:00:00
Secunia Research: Symantec Mail Security Applix Graphics Parsing Vulnerabilities
2008-04-15 00:00:00
Secunia Research: Autonomy Keyview Applix Graphics Parsing Vulnerabilities
2008-04-15 00:00:00
nessus
nessus
Symantec Mail Security for Exchange / Domino Autonomy KeyView Module Multiple Buffer Overflows
2013-07-17 00:00:00
Symantec Mail Security for SMTP Autonomy KeyView Module Multiple Buffer Overflows
2013-07-17 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.891 High

EPSS

Percentile

98.7%

JSON
Related for SAINT:C17495B95A9FCCE21BD8257116554AD2
checkpoint_advisories1saint3prion1cve1cvelist1securityvulns4nessus2