CVE-2007-5909 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-5909
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-5909

Description: Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910.

CVE Status: Candidate

References: ST 1018853 1018886 SREASON http://securityreason.com/securityalert/3357 SAID Secunia Advisory: SA27304 MISC http://www.zerodayinitiative.com/advisories/ZDI-07-059.html http://vuln.sg/lotusnotes702sam-en.html http://vuln.sg/lotusnotes702mif-en.html http://vuln.sg/lotusnotes702doc-en.html http://vuln.sg/lotusnotes702-en.html CONFIRM http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21272836 http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111 http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/483102/100/0/threaded http://www.securityfocus.com/archive/1/482664 BID 26175

Return to the previous page.