CVE-2007-6593

2007-12-2821:46:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

8.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:C/A:N

AI Score

7.4

Confidence

Low

EPSS

0.883

Percentile

98.7%

JSON

Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909.

Affected configurations

Nvd

Node

ibmlotus_notesMatch5.0

ibmlotus_notesMatch6.0

ibmlotus_notesMatch6.5

ibmlotus_notesMatch7.0

ibmlotus_notesMatch8.0

VendorProductVersionCPE
ibmlotus_notes5.0cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*
ibmlotus_notes6.0cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*
ibmlotus_notes6.5cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*
ibmlotus_notes7.0cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*
ibmlotus_notes8.0cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	lotus_notes	5.0	cpe:2.3:a:ibm:lotus_notes:5.0:::::::*
ibm	lotus_notes	6.0	cpe:2.3:a:ibm:lotus_notes:6.0:::::::*
ibm	lotus_notes	6.5	cpe:2.3:a:ibm:lotus_notes:6.5:::::::*
ibm	lotus_notes	7.0	cpe:2.3:a:ibm:lotus_notes:7.0:::::::*
ibm	lotus_notes	8.0	cpe:2.3:a:ibm:lotus_notes:8.0:::::::*