1. Home
  2. CVE Database
  3. CVE-2007-6593
HIGH · 8.8

CVE-2007-6593

Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary cod...

Vulnerability Description

Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909.

CVSS Score

8.8

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:N
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
NONE

Affected Products

VendorProductVersions
IbmLotus Notes5.0

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2007-6593?

CVE-2007-6593 is a vulnerability with a CVSS score of 8.8 (HIGH). Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary cod...

How severe is CVE-2007-6593?

CVE-2007-6593 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-6593?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Lotus Notes.