NVD Vulnerability Detail

CVE-2007-6020

Summary	Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file.
Publication Date	April 11, 2008, 3:05 a.m.
Registration Date	Jan. 29, 2021, 2:23 p.m.
Last Update	Oct. 16, 2018, 6:49 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:activepdf:docconverter:3.8.4.0:::::::*
cpe:2.3:a:autonomy:keyview:2.0.0.2:::::::*
cpe:2.3:a:autonomy:keyview:10.3.0.0:::::::*
cpe:2.3:a:ibm:lotus_notes:6.0:::::::*
cpe:2.3:a:ibm:lotus_notes:6.5:::::::*
cpe:2.3:a:ibm:lotus_notes:7.0:::::::*
cpe:2.3:a:ibm:lotus_notes:7.0.2:::::::*
cpe:2.3:a:ibm:lotus_notes:7.0.3:::::::*
cpe:2.3:a:symantec:mail_security:5.0::microsoft_exchange:::::
cpe:2.3:a:symantec:mail_security:5.0.0::smtp:::::
cpe:2.3:a:symantec:mail_security:5.0.1::smtp:::::
cpe:2.3:a:symantec:mail_security:7.5::domino:::::
cpe:2.3:a:symantec:mail_security_appliance:5.0:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	http://secunia.com/advisories/27763	SECUNIA	Vendor Advisory
2	http://secunia.com/advisories/28140	SECUNIA	Vendor Advisory
3	http://secunia.com/advisories/28209	SECUNIA	Vendor Advisory
4	http://secunia.com/advisories/28210	SECUNIA	Vendor Advisory
5	http://secunia.com/advisories/29342	SECUNIA	Vendor Advisory
6	http://secunia.com/secunia_research/2007-104/advisory/	MISC	Vendor Advisory
7	http://secunia.com/secunia_research/2007-105/advisory/	MISC	Vendor Advisory
8	http://secunia.com/secunia_research/2007-106/advisory/	MISC	Vendor Advisory
9	http://secunia.com/secunia_research/2007-107/advisory/	MISC	Vendor Advisory
10	http://securitytracker.com/id?1019805	SECTRACK
11	http://www.securityfocus.com/archive/1/490827/100/0/threaded	BUGTRAQ
12	http://www.securityfocus.com/archive/1/490829/100/0/threaded	BUGTRAQ
13	http://www.securityfocus.com/archive/1/490830/100/0/threaded	BUGTRAQ
14	http://www.securityfocus.com/archive/1/490831/100/0/threaded	BUGTRAQ
15	http://www.securityfocus.com/bid/28454	BID
16	http://www.securitytracker.com/id?1019841	SECTRACK
17	http://www.symantec.com/avcenter/security/Content/2008.04.08e.html	CONFIRM
18	http://www.vupen.com/english/advisories/2008/1153	VUPEN
19	http://www.vupen.com/english/advisories/2008/1154	VUPEN
20	http://www.vupen.com/english/advisories/2008/1156	VUPEN
21	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453	CONFIRM	Vendor Advisory
22	https://exchange.xforce.ibmcloud.com/vulnerabilities/41716	XF

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-119	バッファエラー	https://cwe.mitre.org/data/definitions/118.html

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:activepdf:docconverter:3.8.4.0:::::::*
cpe:2.3:a:autonomy:keyview:2.0.0.2:::::::*
cpe:2.3:a:autonomy:keyview:10.3.0.0:::::::*
cpe:2.3:a:ibm:lotus_notes:6.0:::::::*
cpe:2.3:a:ibm:lotus_notes:6.5:::::::*
cpe:2.3:a:ibm:lotus_notes:7.0:::::::*
cpe:2.3:a:ibm:lotus_notes:7.0.2:::::::*
cpe:2.3:a:ibm:lotus_notes:7.0.3:::::::*
cpe:2.3:a:symantec:mail_security:5.0::microsoft_exchange:::::
cpe:2.3:a:symantec:mail_security:5.0.0::smtp:::::
cpe:2.3:a:symantec:mail_security:5.0.1::smtp:::::
cpe:2.3:a:symantec:mail_security:7.5::domino:::::
cpe:2.3:a:symantec:mail_security_appliance:5.0:::::::*