Vulnerability Details : CVE-2007-5406
kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file.
Vulnerability category: Denial of service
Products affected by CVE-2007-5406
- cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:*:*:domino:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:autonomy:keyview:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-5406
25.81%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-5406
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2007-5406
-
http://www.vupen.com/english/advisories/2008/1154
-
http://secunia.com/advisories/28140
Vendor Advisory
-
http://www.securityfocus.com/archive/1/490839/100/0/threaded
-
http://secunia.com/advisories/29342
Vendor Advisory
-
http://secunia.com/secunia_research/2007-97/advisory/
Vendor Advisory
-
http://secunia.com/advisories/27763
Vendor Advisory
-
http://www.vupen.com/english/advisories/2008/1153
-
http://www.securityfocus.com/archive/1/490825/100/0/threaded
-
http://www.securityfocus.com/bid/28454
-
http://secunia.com/secunia_research/2007-95/advisory/
Vendor Advisory
-
http://www.securitytracker.com/id?1019844
-
http://securitytracker.com/id?1019805
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/41722
-
http://www.securityfocus.com/archive/1/490838/100/0/threaded
-
http://secunia.com/advisories/28209
Vendor Advisory
-
http://secunia.com/secunia_research/2007-98/advisory/
Vendor Advisory
-
http://www.vupen.com/english/advisories/2008/1156
-
http://secunia.com/advisories/28210
Vendor Advisory
-
http://www.securityfocus.com/archive/1/490837/100/0/threaded
-
http://secunia.com/secunia_research/2007-96/advisory/
Vendor Advisory
Jump to