Secunia Research: activePDF DocConverter Applix Graphics Parsing Vulnerabilities

====================================================================== Secunia Research 08/04/2008 - activePDF DocConverter Applix Graphics Parsing Vulnerabilities - ====================================================================== Table of Contents Affected...

Secunia Research: activePDF DocConverter Folio Flat File Parsing Buffer Overflows

====================================================================== Secunia Research 08/04/2008 - activePDF DocConverter Folio Flat File Parsing Buffer Overflows - ====================================================================== Table of Contents Affected...

Buffer overflow

Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy formerly Verity KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with 1 a long ENCODING...

Code injection

kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy formerly Verity KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service CPU and memory...

Stack overflow

Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy formerly Verity KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a 1...

CVE-2007-6020

CVE-2007-6020 describes multiple stack-based buffer overflows in the Folio Flat File speed reader (foliosr.dll) of Autonomy KeyView 10.3.0.0, used by IBM Lotus Notes and Symantec Mail Security (SMSSMTP/Exchange/Domino) and activePDF DocConverter. Secunia and NVD detail that boundary errors occur ...

CVE-2007-5406

kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy formerly Verity KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service CPU and memory...

CVE-2007-5405

CVE-2007-5405 is an Autonomy KeyView (kpagrdr.dll) buffer-overflow vulnerability affecting Applix Graphics (.ag) parsing. Secunia and related advisories document three overflow paths: (1) unsafe parsing of ENCODING in the *BEGIN tag, (2) boundary errors from overly long tokens, and (3) initial *B...

CVE-2007-5405

Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy formerly Verity KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with 1 a long ENCODING...

CVE-2007-5406

CVE-2007-5406 affects Autonomy KeyView (kpagrdr.dll) components used in Applix graphics parsing, including versions 2.0.0.2 and 10.3.0.0. Secunia notes that parsing the ENCODING attribute and long tokens in Applix documents can trigger buffer overflows, enabling remote attackers to cause a denial...

CVE-2007-5909

Multiple stack-based buffer overflows in Autonomy formerly Verity KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted 1 A...