Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 10/04/2008 Updated: 15/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote malicious users to execute arbitrary code via a long (1) To, (2) Cc, (3) Bcc, (4) From, (5) Date, (6) Subject, (7) Priority, (8) Importance, or (9) X-MSMail-Priority header; (10) a long string at the beginning of an RFC2047 encoded-word in a header; (11) a long text string in an RFC2047 encoded-word in a header; or (12) a long Subject header, related to creation of an associated filename.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm lotus notes 6.0
ibm lotus notes 6.5
ibm lotus notes 7.0.3
autonomy keyview 10.3.0.0
ibm lotus notes 7.0
ibm lotus notes 7.0.2

CWE-119 http://secunia.com/secunia_research/2007-91/advisory/http://secunia.com/secunia_research/2007-92/advisory/http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453 http://www.securityfocus.com/bid/28454 http://secunia.com/advisories/28209 http://secunia.com/advisories/28210 http://www.securitytracker.com/id?1019842 http://www.vupen.com/english/advisories/2008/1153 http://www.vupen.com/english/advisories/2008/1156 https://exchange.xforce.ibmcloud.com/vulnerabilities/41723 http://www.securityfocus.com/archive/1/490833/100/0/threaded http://www.securityfocus.com/archive/1/490832/100/0/threaded https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-5399

Vulnerability Summary

References

Vulmon Search

About

Products

Connect