CVE-2007-5910: Buffer Overflow
First published: Sat Nov 10 2007(Updated: )
Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Mail Security | =5.0.1 | |
| IBM Lotus Notes | <=7.0.2 | |
| Autonomy KeyView | <=9.2.0 | |
| Symantec Mail Security | =5.0.0.24 | |
| Symantec Mail Security | =7.5 | |
| ActivePDF DocConverter | =3.8.2_.5 | |
| Symantec Mail Security | =5.0 | |
| Autonomy KeyView | <=9.2.0 | |
| Autonomy KeyView | <=9.2.0 | |
| Symantec Mail Security | =5.0 | |
| Symantec Mail Security | =5.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/archive/1/482664
- http://vuln.sg/lotusnotes702-en.html
- http://vuln.sg/lotusnotes702wpd-en.html
- http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html
- http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111
- http://www.securityfocus.com/bid/26175
- http://securitytracker.com/id?1018853
- http://securitytracker.com/id?1018886
- http://secunia.com/advisories/27304
- http://securityreason.com/securityalert/3357
- http://www.vupen.com/english/advisories/2007/3697
- http://www.vupen.com/english/advisories/2007/3596
Frequently Asked Questions
What is the severity of CVE-2007-5910?
CVE-2007-5910 is classified as a critical vulnerability due to its potential to allow remote attackers to execute arbitrary code.
How do I fix CVE-2007-5910?
To fix CVE-2007-5910, you should update to a version of the affected software that is not vulnerable, specifically versions later than 9.2.0.12 for Autonomy KeyView and the latest updates for other affected products.
Which software is affected by CVE-2007-5910?
CVE-2007-5910 affects several software products, including ActivePDF DocConverter, Autonomy KeyView Viewer, Filter and Export SDK, IBM Lotus Notes, and various versions of Symantec Mail Security.
What kind of attack vector does CVE-2007-5910 exploit?
CVE-2007-5910 exploits a stack-based buffer overflow vulnerability, which can be triggered by specially crafted input.
Is CVE-2007-5910 still a threat today?
While CVE-2007-5910 was discovered years ago, it remains a potential threat for systems that have not been updated and patched accordingly.
- agent/references
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/weakness
- agent/remedy
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/symantec
- canonical/symantec mail security
- version/symantec mail security/5.0.1
- vendor/ibm
- canonical/ibm lotus notes
- version/ibm lotus notes/7.0.2
- vendor/autonomy
- canonical/autonomy keyview
- version/autonomy keyview/9.2.0
- version/symantec mail security/5.0.0.24
- version/symantec mail security/7.5
- vendor/activepdf
- canonical/activepdf docconverter
- version/activepdf docconverter/3.8.2_.5
- version/symantec mail security/5.0
- version/symantec mail security/5.0.0