Lucene search

MitreCVE-2007-5910

HistoryNov 10, 2007 - 2:46 a.m.

CVE-2007-5910

2007-11-1002:46:00

CWE-119

mitre

web.nvd.nist.gov

cve-2007-5910

autonomy

keyview viewer

filter

export sdk

buffer overflow

security vulnerability

remote code execution

wordperfect

wpd file

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.042

Percentile

92.4%

JSON

Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file.

Affected configurations

Nvd

Node

activepdfdocconverterMatch3.8.2_.5

autonomykeyview_export_sdkRange≤9.2.0

autonomykeyview_filter_sdkRange≤9.2.0

autonomykeyview_viewer_sdkRange≤9.2.0

ibmlotus_notesRange≤7.0.2

symantecmail_securityMatch5.0appliance

symantecmail_securityMatch5.0microsoft_exchange

symantecmail_securityMatch5.0.0smtp

symantecmail_securityMatch5.0.0.24appliance

symantecmail_securityMatch5.0.1smtp

symantecmail_securityMatch7.5domino

VendorProductVersionCPE
activepdfdocconverter3.8.2_.5cpe:2.3:a:activepdf:docconverter:3.8.2_.5:*:*:*:*:*:*:*
autonomykeyview_export_sdk*cpe:2.3:a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*
autonomykeyview_filter_sdk*cpe:2.3:a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*
autonomykeyview_viewer_sdk*cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*
ibmlotus_notes*cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*
symantecmail_security5.0cpe:2.3:a:symantec:mail_security:5.0:*:appliance:*:*:*:*:*
symantecmail_security5.0cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*
symantecmail_security5.0.0cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*
symantecmail_security5.0.0.24cpe:2.3:a:symantec:mail_security:5.0.0.24:*:appliance:*:*:*:*:*
symantecmail_security5.0.1cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*

Vendor	Product	Version	CPE
activepdf	docconverter	3.8.2_.5	cpe:2.3:a:activepdf:docconverter:3.8.2_.5:::::::*
autonomy	keyview_export_sdk	*	cpe:2.3:a:autonomy:keyview_export_sdk::::::::
autonomy	keyview_filter_sdk	*	cpe:2.3:a:autonomy:keyview_filter_sdk::::::::
autonomy	keyview_viewer_sdk	*	cpe:2.3:a:autonomy:keyview_viewer_sdk::::::::
ibm	lotus_notes	*	cpe:2.3:a:ibm:lotus_notes::::::::
symantec	mail_security	5.0	cpe:2.3:a:symantec:mail_security:5.0::appliance:::::
symantec	mail_security	5.0	cpe:2.3:a:symantec:mail_security:5.0::microsoft_exchange:::::
symantec	mail_security	5.0.0	cpe:2.3:a:symantec:mail_security:5.0.0::smtp:::::
symantec	mail_security	5.0.0.24	cpe:2.3:a:symantec:mail_security:5.0.0.24::appliance:::::
symantec	mail_security	5.0.1	cpe:2.3:a:symantec:mail_security:5.0.1::smtp:::::

Rows per page:

1-10 of 111

References

secunia.com/advisories/27304

securityreason.com/securityalert/3357

securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html

securitytracker.com/id?1018853

securitytracker.com/id?1018886

vuln.sg/lotusnotes702-en.html

vuln.sg/lotusnotes702wpd-en.html

www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111

www.securityfocus.com/archive/1/482664

www.securityfocus.com/bid/26175

www.vupen.com/english/advisories/2007/3596

www.vupen.com/english/advisories/2007/3697

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.042

Percentile

92.4%

JSON

Related for CVE-2007-5910