CVSS: 9.3EPSS: 65%CPEs: 13EXPL: 0CVE-2007-6020
https://notcve.org/view.php?id=CVE-2007-6020
Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file. Múltiples desbordamientos de búfer basados en pila en foliosr.dll en el lector rápido Folio Flat File de Autonomy (anteriormente Verity) KeyView 10.3.0.0, usado por IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, permiten a atacentes remotos ejecutar código de su eleccióna través de un valor largo en los atributos de las etiquetas (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS en un fichero .fff. • http://secunia.com/advisories/27763 http://secunia.com/advisories/28140 http://secunia.com/advisories/28209 http://secunia.com/advisories/28210 http://secunia.com/advisories/29342 http://secunia.com/secunia_research/2007-104/advisory http://secunia.com/secunia_research/2007-105/advisory http://secunia.com/secunia_research/2007-106/advisory http://secunia.com/secunia_research/2007-107/advisory http://securitytracker.com/id?1019805 http://www-1.ibm.com/support/docview.wss?rs=463 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 80%CPEs: 14EXPL: 0CVE-2007-5405
https://notcve.org/view.php?id=CVE-2007-5405
Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag. Múltiples desbordamientos de búfer en kpagrdr.dll 2.0.0.2 y 10.3.0.0 en el lector Applix Presents de Autonomy (anteriormente Verity) KeyView,usado por IBM Lotus Notes, Symantec Mail Security, y activePDF DocConverter, permite a atacantes remotos ejecutar código de su elección a través de un archivo .ag con (1)un atributo ENCODING largo en la etiqueta *BEGIN, (2) un token largo, o (3) la etiqueta inicial *BEGIN. • http://secunia.com/advisories/27763 http://secunia.com/advisories/28140 http://secunia.com/advisories/28209 http://secunia.com/advisories/28210 http://secunia.com/advisories/29342 http://secunia.com/secunia_research/2007-95/advisory http://secunia.com/secunia_research/2007-96/advisory http://secunia.com/secunia_research/2007-97/advisory http://secunia.com/secunia_research/2007-98/advisory http://securitytracker.com/id?1019805 http://www-1.ibm.com/support/docview.wss?rs=463& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •