PT-2007-6842 · Activepdf+3 · Activepdf Docconverter+3
Eric Detoisien
·
Published
2007-11-10
·
Updated
2018-10-15
·
CVE-2007-5909
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Autonomy KeyView Viewer, Filter, and Export SDK versions prior to 9.2.0.12
ActivePDF DocConverter versions prior to 9.2.0.12
IBM Lotus Notes versions prior to 7.0.3
Symantec Mail Security versions prior to 9.2.0.12
Description
The issue allows remote attackers to execute arbitrary code via crafted files, including AG files to
kpagrdr.dll, AW files to awsr.dll, DLL or EXE files to exesr.dll, DOC files to mwsr.dll, MIF files to mifsr.dll, SAM files to lasr.dll, or RTF files to rtfsr.dll.Recommendations
For Autonomy KeyView Viewer, Filter, and Export SDK versions prior to 9.2.0.12, update to version 9.2.0.12 or later.
For ActivePDF DocConverter versions prior to 9.2.0.12, update to version 9.2.0.12 or later.
For IBM Lotus Notes versions prior to 7.0.3, update to version 7.0.3 or later.
For Symantec Mail Security versions prior to 9.2.0.12, update to version 9.2.0.12 or later.
Fix
RCE
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Activepdf Docconverter
Autonomy Keyview
Ibm Lotus Notes
Symantec Mail Security