Vulnonym.org

CVE-2007-5405 - Chlamydeous Spigotty

Description

Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView as used by IBM Lotus Notes Symantec Mail Security and activePDF DocConverter allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a BEGIN tag (2) a long token or (3) the initial BEGIN tag.

Reference

http://secunia.com/secunia_research/2007-95/advisory/ http://secunia.com/secunia_research/2007-96/advisory/ http://secunia.com/secunia_research/2007-97/advisory/ http://secunia.com/secunia_research/2007-98/advisory/ http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453 http://www.symantec.com/avcenter/security/Content/2008.04.08e.html http://www.securityfocus.com/bid/28454 http://securitytracker.com/id?1019805 http://secunia.com/advisories/27763 http://secunia.com/advisories/28140 http://secunia.com/advisories/28209 http://secunia.com/advisories/28210 http://secunia.com/advisories/29342 http://www.securitytracker.com/id?1019844 http://www.vupen.com/english/advisories/2008/1153 http://www.vupen.com/english/advisories/2008/1154 http://www.vupen.com/english/advisories/2008/1156 https://exchange.xforce.ibmcloud.com/vulnerabilities/41721 http://www.securityfocus.com/archive/1/490839/100/0/threaded http://www.securityfocus.com/archive/1/490838/100/0/threaded http://www.securityfocus.com/archive/1/490837/100/0/threaded http://www.securityfocus.com/archive/1/490825/100/0/threaded