Vulnonym.org

CVE-2007-6020 - Clawless Hint

Description

Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0 as used by IBM Lotus Notes Symantec Mail Security and activePDF DocConverter allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI (2) FD (3) FT (4) JD (5) JL (6) LE (7) OB (8) OD (9) OL (10) PN (11) PS (12) PW (13) RD (14) QL or (15) TS tag in a .fff file.

Reference

http://secunia.com/secunia_research/2007-104/advisory/ http://secunia.com/secunia_research/2007-105/advisory/ http://secunia.com/secunia_research/2007-106/advisory/ http://secunia.com/secunia_research/2007-107/advisory/ http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453 http://www.symantec.com/avcenter/security/Content/2008.04.08e.html http://www.securityfocus.com/bid/28454 http://securitytracker.com/id?1019805 http://secunia.com/advisories/27763 http://secunia.com/advisories/28140 http://secunia.com/advisories/28209 http://secunia.com/advisories/28210 http://secunia.com/advisories/29342 http://www.securitytracker.com/id?1019841 http://www.vupen.com/english/advisories/2008/1153 http://www.vupen.com/english/advisories/2008/1154 http://www.vupen.com/english/advisories/2008/1156 https://exchange.xforce.ibmcloud.com/vulnerabilities/41716 http://www.securityfocus.com/archive/1/490831/100/0/threaded http://www.securityfocus.com/archive/1/490830/100/0/threaded http://www.securityfocus.com/archive/1/490829/100/0/threaded http://www.securityfocus.com/archive/1/490827/100/0/threaded