CVE-2007-5405

{"id": "CVE-2007-5405", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2008-04-10T18:05:00.000", "references": [{"url": "http://secunia.com/advisories/27763", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/advisories/28140", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/advisories/28209", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/advisories/28210", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/advisories/29342", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/secunia_research/2007-95/advisory/", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/secunia_research/2007-96/advisory/", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/secunia_research/2007-97/advisory/", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/secunia_research/2007-98/advisory/", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://securitytracker.com/id?1019805", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.securityfocus.com/bid/28454", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.securitytracker.com/id?1019844", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.vupen.com/english/advisories/2008/1153", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.vupen.com/english/advisories/2008/1154", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.vupen.com/english/advisories/2008/1156", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721", "source": "PSIRT-CNA@flexerasoftware.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en kpagrdr.dll 2.0.0.2 y 10.3.0.0 en el lector Applix Presents de Autonomy (anteriormente Verity) KeyView,usado por IBM Lotus Notes, Symantec Mail Security, y activePDF DocConverter, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo .ag con (1)un atributo ENCODING largo en la etiqueta *BEGIN, (2) un token largo, o (3) la etiqueta inicial *BEGIN."}], "lastModified": "2018-10-15T21:44:31.827", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:activepdf:docconverter:3.8.2_.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D165E31-F294-4F7E-959F-7AFE69AF90A1"}, {"criteria": "cpe:2.3:a:activepdf:docconverter:3.8.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4286B71-18BA-4BC0-9E2C-6D00A24974E3"}, {"criteria": "cpe:2.3:a:autonomy:keyview:2.0.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6634684-2416-4A5C-A5C7-B1E946B33419"}, {"criteria": "cpe:2.3:a:autonomy:keyview:10.3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "589D3BC2-ED1F-4C5B-8F94-67AE1909580D"}, {"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021"}, {"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC"}, {"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5"}, {"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644"}, {"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D"}, {"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70"}, {"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836"}, {"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729"}, {"criteria": "cpe:2.3:a:symantec:mail_security:7.5:*:domino:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D29BE63-3E26-4136-BAB1-AA3D50BA71F5"}, {"criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CA92128-13DD-47D8-8822-23C4CDDFB715"}], "operator": "OR"}]}], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com"}