Vulnerability Description
Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Activepdf | Docconverter | 3.8.2_.5 |
| Autonomy | Keyview Export Sdk | <= 9.2.0 |
| Autonomy | Keyview Filter Sdk | <= 9.2.0 |
| Autonomy | Keyview Viewer Sdk | <= 9.2.0 |
| Ibm | Lotus Notes | <= 7.0.2 |
| Symantec | Mail Security | 5.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/27304PatchVendor Advisory
- http://securityreason.com/securityalert/3357
- http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html
- http://securitytracker.com/id?1018853
- http://securitytracker.com/id?1018886
- http://vuln.sg/lotusnotes702-en.html
- http://vuln.sg/lotusnotes702wpd-en.html
- http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111
- http://www.securityfocus.com/archive/1/482664
- http://www.securityfocus.com/bid/26175
- http://www.vupen.com/english/advisories/2007/3596
- http://www.vupen.com/english/advisories/2007/3697
- http://secunia.com/advisories/27304PatchVendor Advisory
- http://securityreason.com/securityalert/3357
- http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html
FAQ
What is CVE-2007-5910?
CVE-2007-5910 is a vulnerability with a CVSS score of 9.3 (HIGH). Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, ...
How severe is CVE-2007-5910?
CVE-2007-5910 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5910?
Check the references section above for vendor advisories and patch information. Affected products include: Activepdf Docconverter, Autonomy Keyview Export Sdk, Autonomy Keyview Filter Sdk, Autonomy Keyview Viewer Sdk, Ibm Lotus Notes.