CVE-2007-5910

Sažetak

Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file.

Reference

http://secunia.com/advisories/27304
http://securityreason.com/securityalert/3357
http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html
http://securitytracker.com/id?1018853
http://securitytracker.com/id?1018886
http://vuln.sg/lotusnotes702-en.html
http://vuln.sg/lotusnotes702wpd-en.html
http://www.securityfocus.com/archive/1/482664
http://www.securityfocus.com/bid/26175
http://www.vupen.com/english/advisories/2007/3596
http://www.vupen.com/english/advisories/2007/3697
http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

08-03-2011 - 03:01

Objavljeno

10-11-2007 - 02:46