Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2007-6020

Опубликовано: 10 апр. 2008
Источник: nvd
CVSS2: 9.3
EPSS Средний

Описание

Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:activepdf:docconverter:3.8.4.0:*:*:*:*:*:*:*
cpe:2.3:a:autonomy:keyview:2.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:autonomy:keyview:10.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:7.5:*:domino:*:*:*:*:*
cpe:2.3:a:symantec:mail_security_appliance:5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 97%
0.34744
Средний

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

github логотип

GHSA-88rv-7jw7-2cm8

github
почти 4 года назад

Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file.

EPSS

Процентиль: 97%
0.34744
Средний

9.3 Critical

CVSS2

Дефекты

CWE-119