CVE-2007-6593 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-6593
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-6593

Description: Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/38645 ST 1019096 1019002 SREASON http://securityreason.com/securityalert/3499 SAID Secunia Advisory: SA27835 Secunia Advisory: SA27836 Secunia Advisory: SA27849 MISC http://www.coresecurity.com/index.php5?action=item&id=2008 FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058680.html CONFIRM http://www.ibm.com/support/docview.wss?rs=475&uid=swg21285600 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/484272/100/0/threaded BID 26604

Return to the previous page.