CVE-2007-5405

Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag.

Published: Apr 10, 2008
Updated: Apr 13, 2023
CVE: CVE-2007-5405
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
ibm / lotus_notes	6.0	6.0.x
symantec / mail_security_appliance	5.0	5.0.x
symantec / mail_security	5.0.1	5.0.1.x
autonomy / keyview	10.3.0.0	10.3.0.0.x
activepdf / docconverter	3.8.4.0	3.8.4.0.x
autonomy / keyview	2.0.0.2	2.0.0.2.x
ibm / lotus_notes	7.0	7.0.x
ibm / lotus_notes	7.0.3	7.0.3.x
symantec / mail_security	7.5	7.5.x
activepdf / docconverter	3.8.2_.5	3.8.2_.5.x
ibm / lotus_notes	6.5	6.5.x
symantec / mail_security	5.0	5.0.x
ibm / lotus_notes	7.0.2	7.0.2.x
symantec / mail_security	5.0.0	5.0.0.x

Vulnerability Database

289,697

CVE-2007-5405