2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2007-5405" ,
"sourceIdentifier" : "PSIRT-CNA@flexerasoftware.com" ,
"published" : "2008-04-10T18:05:00.000" ,
2024-11-22 07:15:30 +00:00
"lastModified" : "2024-11-21T00:37:49.407" ,
2023-04-24 12:24:31 +02:00
"vulnStatus" : "Modified" ,
"descriptions" : [
{
"lang" : "en" ,
"value" : "Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag."
} ,
{
"lang" : "es" ,
"value" : "M\u00faltiples desbordamientos de b\u00fafer en kpagrdr.dll 2.0.0.2 y 10.3.0.0 en el lector Applix Presents de Autonomy (anteriormente Verity) KeyView,usado por IBM Lotus Notes, Symantec Mail Security, y activePDF DocConverter, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo .ag con (1)un atributo ENCODING largo en la etiqueta *BEGIN, (2) un token largo, o (3) la etiqueta inicial *BEGIN."
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:M/Au:N/C:C/I:C/A:C" ,
2024-11-22 07:15:30 +00:00
"baseScore" : 9.3 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "COMPLETE" ,
"integrityImpact" : "COMPLETE" ,
2024-11-22 07:15:30 +00:00
"availabilityImpact" : "COMPLETE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "HIGH" ,
"exploitabilityScore" : 8.6 ,
"impactScore" : 10.0 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : true
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-119"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:activepdf:docconverter:3.8.2_.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0D165E31-F294-4F7E-959F-7AFE69AF90A1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:activepdf:docconverter:3.8.4.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D4286B71-18BA-4BC0-9E2C-6D00A24974E3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:autonomy:keyview:2.0.0.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E6634684-2416-4A5C-A5C7-B1E946B33419"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:autonomy:keyview:10.3.0.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "589D3BC2-ED1F-4C5B-8F94-67AE1909580D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1E234AD1-7202-421E-82C8-880E84876021"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1360A50E-C1E1-4690-874A-04CC7C1A77CC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "68AEB13D-C7C6-426F-8484-85EFF7245DF5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3449A490-865A-4262-8482-429DEF455644"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*" ,
"matchCriteriaId" : "9608BF57-0D9A-4874-BFDA-C92447FACD70"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*" ,
"matchCriteriaId" : "5E7788BD-652E-4306-AED0-6AE7F9A07836"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*" ,
"matchCriteriaId" : "A8430D5E-A8A7-4724-8A6B-B5E2CA437729"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:symantec:mail_security:7.5:*:domino:*:*:*:*:*" ,
"matchCriteriaId" : "7D29BE63-3E26-4136-BAB1-AA3D50BA71F5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:symantec:mail_security_appliance:5.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8CA92128-13DD-47D8-8822-23C4CDDFB715"
}
]
}
]
}
] ,
"references" : [
2024-04-04 08:46:00 +00:00
{
"url" : "http://secunia.com/advisories/27763" ,
"source" : "PSIRT-CNA@flexerasoftware.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/advisories/28140" ,
"source" : "PSIRT-CNA@flexerasoftware.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/advisories/28209" ,
"source" : "PSIRT-CNA@flexerasoftware.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/advisories/28210" ,
"source" : "PSIRT-CNA@flexerasoftware.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/advisories/29342" ,
"source" : "PSIRT-CNA@flexerasoftware.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/secunia_research/2007-95/advisory/" ,
"source" : "PSIRT-CNA@flexerasoftware.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/secunia_research/2007-96/advisory/" ,
"source" : "PSIRT-CNA@flexerasoftware.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/secunia_research/2007-97/advisory/" ,
"source" : "PSIRT-CNA@flexerasoftware.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/secunia_research/2007-98/advisory/" ,
"source" : "PSIRT-CNA@flexerasoftware.com" ,
"tags" : [
"Vendor Advisory"
]
} ,
2023-04-24 12:24:31 +02:00
{
"url" : "http://securitytracker.com/id?1019805" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "http://www.securityfocus.com/archive/1/490825/100/0/threaded" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "http://www.securityfocus.com/archive/1/490837/100/0/threaded" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "http://www.securityfocus.com/archive/1/490838/100/0/threaded" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "http://www.securityfocus.com/archive/1/490839/100/0/threaded" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "http://www.securityfocus.com/bid/28454" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "http://www.securitytracker.com/id?1019844" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "http://www.vupen.com/english/advisories/2008/1153" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "http://www.vupen.com/english/advisories/2008/1154" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "http://www.vupen.com/english/advisories/2008/1156" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
} ,
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721" ,
"source" : "PSIRT-CNA@flexerasoftware.com"
2024-11-22 07:15:30 +00:00
} ,
{
"url" : "http://secunia.com/advisories/27763" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/advisories/28140" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/advisories/28209" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/advisories/28210" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/advisories/29342" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/secunia_research/2007-95/advisory/" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/secunia_research/2007-96/advisory/" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/secunia_research/2007-97/advisory/" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/secunia_research/2007-98/advisory/" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://securitytracker.com/id?1019805" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securityfocus.com/archive/1/490825/100/0/threaded" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securityfocus.com/archive/1/490837/100/0/threaded" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securityfocus.com/archive/1/490838/100/0/threaded" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securityfocus.com/archive/1/490839/100/0/threaded" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securityfocus.com/bid/28454" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securitytracker.com/id?1019844" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.vupen.com/english/advisories/2008/1153" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.vupen.com/english/advisories/2008/1154" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.vupen.com/english/advisories/2008/1156" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
2023-04-24 12:24:31 +02:00
}
]
}
