CVE-2007-6008 — HIGH (9.3) — White Hats Nepal

Q: How severe is CVE-2007-6008?

CVE-2007-6008 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2007-6008?

Check the references section above for vendor advisories and patch information. Affected products include: Autonomy Keyview Export Sdk, Autonomy Keyview Filter Sdk, Autonomy Keyview Viewer Sdk.

Vulnerability Description

Heap-based buffer overflow in emlsr.dll before 2.0.0.4 in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK allows remote attackers to execute arbitrary code via a long Content-Type header line in an EML file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Autonomy	Keyview Export Sdk	<= 2.0
Autonomy	Keyview Filter Sdk	<= 2.0
Autonomy	Keyview Viewer Sdk	<= 2.0

Related Weaknesses (CWE)

CWE-119

References

http://secunia.com/advisories/27304PatchVendor Advisory
http://secunia.com/advisories/27304PatchVendor Advisory

FAQ

What is CVE-2007-6008?

CVE-2007-6008 is a vulnerability with a CVSS score of 9.3 (HIGH). Heap-based buffer overflow in emlsr.dll before 2.0.0.4 in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK allows remote attackers to execute arbitrary code via a long Content-Type he...

How severe is CVE-2007-6008?

CVE-2007-6008 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-6008?

Check the references section above for vendor advisories and patch information. Affected products include: Autonomy Keyview Export Sdk, Autonomy Keyview Filter Sdk, Autonomy Keyview Viewer Sdk.