Published: 28/12/2007 Updated: 15/10/2018

CVSS v2 Base Score: 8.8 | Impact Score: 9.2 | Exploitability Score: 8.6

VMScore: 885

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:N

Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x up to and including 8.x, allow user-assisted remote malicious users to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm lotus notes 5.0
ibm lotus notes 8.0
ibm lotus notes 6.0
ibm lotus notes 6.5
ibm lotus notes 7.0

source: wwwsecurityfocuscom/bid/26604/info Autonomy KeyView is prone to multiple buffer-overflow vulnerabilities Successfully exploiting these issues could allow an attacker to execute arbitrary code in the context of the user running the application Multiple applications incorporate the vulnerable KeyView component, so they are also ...

CWE-119 http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058680.html http://www.coresecurity.com/index.php5?action=item&id=2008 http://www.ibm.com/support/docview.wss?rs=475&uid=swg21285600 http://securitytracker.com/id?1019002 http://secunia.com/advisories/27835 http://secunia.com/advisories/27836 http://secunia.com/advisories/27849 http://securityreason.com/securityalert/3499 http://www.securityfocus.com/bid/26604 http://www.securitytracker.com/id?1019096 http://www.vupen.com/english/advisories/2007/4020 http://www.vupen.com/english/advisories/2007/4012 https://exchange.xforce.ibmcloud.com/vulnerabilities/38645 http://www.securityfocus.com/archive/1/484272/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/30816/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-6593

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect