Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2007-5909 | First vendor Publication | 2007-11-09 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5909 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CPE : Common Platform Enumeration
SAINT Exploits
| Description | Link |
|---|---|
| Lotus Notes MIF attachment viewer buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 40792 | Autonomy KeyView Multiple Products lasr.dll SAM File Handling Overflow |
| 40791 | Autonomy KeyView Multiple Products mifsr.dll MIF File Handling Overflow |
| 40790 | Autonomy KeyView Multiple Products rtfsr.dll RTF File Handling Overflow |
| 40789 | Autonomy KeyView Multiple Products mwsr.dll DOC File Handling Overflow |
| 40788 | Autonomy KeyView Multiple Products exesr.dll EXE / DLL File Handling Overflow |
| 40787 | Autonomy KeyView Multiple Products awsr.dll AW File Handling Overflow |
| 40786 | Autonomy KeyView Multiple Products kpagrdr.dll AG File Handling Overflow |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Lotus Notes MIF viewer statement data overflow 2 RuleID : 18477 - Revision : 8 - Type : SERVER-MAIL |
| 2014-01-10 | IBM Lotus Notes MIF viewer statement data overflow RuleID : 12706 - Revision : 13 - Type : SERVER-MAIL |
| 2014-01-10 | IBM Lotus Notes MIF viewer statement overflow RuleID : 12705 - Revision : 10 - Type : SERVER-MAIL |
| 2014-01-10 | IBM Lotus Notes MIF viewer MIFFILE comment overflow RuleID : 12704 - Revision : 10 - Type : SERVER-MAIL |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2007-10-24 | Name : The remote Windows host has an application that is affected by several buffer... File : notes_keyview_overflows.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:15:50 |
|
| 2024-11-28 12:13:58 |
|
| 2021-05-05 01:04:10 |
|
| 2021-05-04 12:06:39 |
|
| 2021-04-22 01:07:10 |
|
| 2020-05-24 01:04:01 |
|
| 2020-05-23 00:20:45 |
|
| 2018-10-16 00:19:19 |
|
| 2016-04-27 09:28:08 |
|
| 2016-04-26 16:47:48 |
|
| 2014-02-17 10:42:33 |
|
| 2014-01-19 21:24:34 |
|
| 2013-05-11 10:41:40 |
|
