What is the severity of CVE-2007-6020?

CVE-2007-6020 is classified as a critical vulnerability due to its potential to allow remote code execution.

How do I fix CVE-2007-6020?

To fix CVE-2007-6020, upgrade the affected software to the latest version released by the vendor which addresses this vulnerability.

Which software is affected by CVE-2007-6020?

CVE-2007-6020 affects multiple applications including ActivePDF DocConverter, IBM Lotus Notes, and Symantec Mail Security products.

Can CVE-2007-6020 be exploited remotely?

Yes, CVE-2007-6020 can be exploited remotely through specially crafted input, leading to potential arbitrary code execution.

What are the risks associated with CVE-2007-6020?

The risks associated with CVE-2007-6020 include unauthorized access, data breaches, and complete compromise of the affected systems.

Vulnerability/
CVE-2007-6020

critical

9.3

CWE

119

10/4/2008

15/10/2018

CVE-2007-6020: Buffer Overflow

First published: Thu Apr 10 2008(Updated: )

Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file.

Credit: PSIRT-CNA@flexerasoftware.com

Affected Software	Affected Version	How to fix
IBM Lotus Notes	=6.0
Symantec Mail Security Appliance	=5.0
Symantec Mail Security	=5.0.1
HP Autonomy KeyView IDOL	=10.3.0.0
ActivePDF DocConverter	=3.8.4.0
HP Autonomy KeyView IDOL	=2.0.0.2
IBM Lotus Notes	=7.0
IBM Lotus Notes	=7.0.3
Symantec Mail Security	=7.5
IBM Lotus Notes	=6.5
Symantec Mail Security	=5.0
IBM Lotus Notes	=7.0.2
Symantec Mail Security	=5.0.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-6020?
CVE-2007-6020 is classified as a critical vulnerability due to its potential to allow remote code execution.
How do I fix CVE-2007-6020?
To fix CVE-2007-6020, upgrade the affected software to the latest version released by the vendor which addresses this vulnerability.
Which software is affected by CVE-2007-6020?
CVE-2007-6020 affects multiple applications including ActivePDF DocConverter, IBM Lotus Notes, and Symantec Mail Security products.
Can CVE-2007-6020 be exploited remotely?
Yes, CVE-2007-6020 can be exploited remotely through specially crafted input, leading to potential arbitrary code execution.
What are the risks associated with CVE-2007-6020?
The risks associated with CVE-2007-6020 include unauthorized access, data breaches, and complete compromise of the affected systems.

agent/references
agent/type
agent/last-modified-date
agent/first-publish-date
agent/weakness
agent/severity
agent/author
agent/description
agent/event
agent/softwarecombine
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/ibm
canonical/ibm lotus notes
version/ibm lotus notes/6.0
vendor/symantec
canonical/symantec mail security appliance
version/symantec mail security appliance/5.0
canonical/symantec mail security
version/symantec mail security/5.0.1
vendor/autonomy
canonical/hp autonomy keyview idol
version/hp autonomy keyview idol/10.3.0.0
vendor/activepdf
canonical/activepdf docconverter
version/activepdf docconverter/3.8.4.0
version/hp autonomy keyview idol/2.0.0.2
version/ibm lotus notes/7.0
version/ibm lotus notes/7.0.3
version/symantec mail security/7.5
version/ibm lotus notes/6.5
version/symantec mail security/5.0
version/ibm lotus notes/7.0.2
version/symantec mail security/5.0.0