Vulnerabilites related to symantec - mail_security
Vulnerability from fkie_nvd
Published
2010-03-05 19:30
Modified
2024-11-21 01:06
Severity ?
Summary
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_gateway:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EAF9163-1511-4424-8019-9868D0C4D0C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "D804B423-8990-497F-9FB8-86E3D06F4F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "6A13CD3B-0529-43E4-A4F8-96B5180B0DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "5D92BC1D-E75F-420E-A2DB-DBFC07508A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "ED4D0804-7AE2-45D6-AAD5-F70C14354BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "7A06E56E-5DE3-4EA2-90BC-366EBC4283A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:windows:*:*:*:*:*",
"matchCriteriaId": "F9EAB6C2-F8A1-42BD-A8C8-A8D7017606E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "14920820-3D26-4AC4-839E-531ABA6933A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA274AFE-D535-4683-964A-FBCBF2D1291E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA2A7B74-D51B-4A59-9A41-2963247C3C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:im_manager_2007:*:*:*:*:*:*:*:*",
"matchCriteriaId": "526474D6-9084-4F53-9172-8C9C7BB5FE01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*",
"matchCriteriaId": "D602A441-863D-4E90-A01D-57C41725D008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "95D5B1CF-6C20-4D66-9D30-631441FA953B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.12:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "868EFAF0-F5FA-46EB-99CC-19C1DAF06954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.13:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "16BE9C8A-A8AF-43FF-B4D9-07F57E226385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.6:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "0026CDBB-92E2-45DE-9637-F18224CE3E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.7:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "12AC5934-DAC3-4866-B31F-71EC14F42CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.8:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "A7604B25-6AA0-4814-A8D4-780811A247B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*",
"matchCriteriaId": "07FADB30-A418-43C5-A798-4769C5350E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.4.29:*:domino:*:*:*:*:*",
"matchCriteriaId": "6EAB0E10-A62F-42DB-BA86-FBFCFCF0E13D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*",
"matchCriteriaId": "70F1A708-9914-4875-B594-D8A9D65182D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.6:*:domino:*:*:*:*:*",
"matchCriteriaId": "5D04308D-D372-4760-B67F-A25DEEDF52E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.7:*:domino:*:*:*:*:*",
"matchCriteriaId": "F15656D0-F6A6-43EE-86AF-2263B49FFA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.8:*:domino:*:*:*:*:*",
"matchCriteriaId": "5E8F8098-9697-4536-B8C6-6224D9A1C6F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:8.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "2ABC5ED9-168A-4420-9286-179345BD89DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:8.0.1:*:domino:*:*:*:*:*",
"matchCriteriaId": "D6A7646A-74D8-4BA6-BE5C-06A55CB3CECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:8.0.2:*:domino:*:*:*:*:*",
"matchCriteriaId": "6193ECEF-1412-4887-98FD-F37122897AC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en kvolefio.dll v8.5.0.8339 y v10.5.0.0 en Autonomy KeyView Filter SDK, tal y como se utiliza en IBM Lotus Notes v8.5, Symantec Mail Security para Microsoft Exchange desde v5.0.10 hasta v5.0.13, y otros productos, permite a atacantes dependientes del contexto ejecutar codigo arbitrario a traves de documentos OLE que inicianun desbordamiento de memoria dinamica."
}
],
"id": "CVE-2009-3032",
"lastModified": "2024-11-21T01:06:21.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-03-05T19:30:00.313",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/38468"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-10 18:05
Modified
2024-11-21 00:37
Severity ?
Summary
kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_notes | 6.0 | |
| ibm | lotus_notes | 6.5 | |
| ibm | lotus_notes | 7.0 | |
| ibm | lotus_notes | 8.0 | |
| ibm | lotus_notes | 8.0.1 | |
| symantec | mail_security | * | |
| symantec | mail_security | 5.0 | |
| symantec | mail_security | 5.0 | |
| symantec | mail_security | 5.0.0 | |
| symantec | mail_security | 5.0.1 | |
| autonomy | keyview | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:*:*:domino:*:*:*:*:*",
"matchCriteriaId": "6D9CF359-CBCB-4EA2-B189-3CF01CE694D0",
"versionEndIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C3D6178-9D83-44C7-8EBB-50CDB68CB5EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autonomy:keyview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A31DE25-F7B5-4AEA-B870-2B852F4FD8A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file."
},
{
"lang": "es",
"value": "kpagrdr.dll 2.0.0.2 y 10.3.0.0 en el lector Applix Presents de Autonomy (anteriormente Verity) KeyView, usado por IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, no parsea adecuadamente los token largos, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria y CPU) a trav\u00e9s de un fichero .ag manipulado."
}
],
"evaluatorComment": "IBM description: http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453\r\n\r\nSymantec description:\r\nhttp://www.symantec.com/avcenter/security/Content/2008.04.08e.html",
"id": "CVE-2007-5406",
"lastModified": "2024-11-21T00:37:49.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-04-10T18:05:00.000",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27763"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28140"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28209"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28210"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29342"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-95/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-96/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-97/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-98/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://securitytracker.com/id?1019805"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/28454"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securitytracker.com/id?1019844"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2008/1153"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2008/1154"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2008/1156"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28210"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-95/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-96/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-97/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-98/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1153"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41722"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-09-01 16:30
Modified
2024-11-21 01:06
Severity ?
Summary
Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C43E91B-492D-42E0-9C59-3DA83AF7367B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C944AEC-18C2-487E-8E0F-EC525D21EDF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CA83054E-5E6B-48A4-8799-5C8507BFEB68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D7DEAC0E-C59B-42DB-BB81-E34C9F843486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8809E947-43E1-4D92-A5A5-63FEDBF12318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*",
"matchCriteriaId": "780C6EC1-11FD-458C-B59F-11668BA1E466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7F5626-EB8B-4339-9EB5-C23962DAC95A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB071DF-5C48-4FE8-8DCC-68582A3C1EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "CD51B7AD-1523-4BF4-8DFF-54D5F9A0E66A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp2:*:*:*:*:*",
"matchCriteriaId": "F8B5BF9A-F8A7-4C2B-B093-8226D0ED1425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp3:*:*:*:*:*",
"matchCriteriaId": "04CB50C2-2B01-4A68-BE96-1127B9954F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4598C4A8-B19D-4562-A5B5-D3B090F0C8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:fp2:*:*:*:*:*",
"matchCriteriaId": "66D334E1-9326-4D0A-8D87-572F3E6B44BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "957BA698-9D48-4906-9FF3-584927C978B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:fp1:*:*:*:*:*",
"matchCriteriaId": "5614CD60-7690-47E6-AEB3-FB0151EB264C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_appliance:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF63CB53-00F5-42F5-B2AC-A0B02DB9B636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_appliance:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA56769-FBFE-4546-8672-5FB3BADF939F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_appliance:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E09688-A7FA-496B-AA03-D211BF09FA23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34D947D4-2750-4C73-8CEA-6F9BF3DA5C0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "D804B423-8990-497F-9FB8-86E3D06F4F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "6A13CD3B-0529-43E4-A4F8-96B5180B0DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "5D92BC1D-E75F-420E-A2DB-DBFC07508A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "ED4D0804-7AE2-45D6-AAD5-F70C14354BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "14920820-3D26-4AC4-839E-531ABA6933A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA274AFE-D535-4683-964A-FBCBF2D1291E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "96E660E2-C0F9-499F-A01D-DB368179F28F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*",
"matchCriteriaId": "D602A441-863D-4E90-A01D-57C41725D008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.200:*:smtp:*:*:*:*:*",
"matchCriteriaId": "0117D61C-DEE6-4803-9CF8-27EEBAA493CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.10:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "5BF163AF-E470-492A-940C-B2FB37AA2322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "95D5B1CF-6C20-4D66-9D30-631441FA953B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.12:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "868EFAF0-F5FA-46EB-99CC-19C1DAF06954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.6:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "0026CDBB-92E2-45DE-9637-F18224CE3E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.7:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "12AC5934-DAC3-4866-B31F-71EC14F42CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.8:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "A7604B25-6AA0-4814-A8D4-780811A247B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*",
"matchCriteriaId": "07FADB30-A418-43C5-A798-4769C5350E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.4.29:*:domino:*:*:*:*:*",
"matchCriteriaId": "6EAB0E10-A62F-42DB-BA86-FBFCFCF0E13D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*",
"matchCriteriaId": "70F1A708-9914-4875-B594-D8A9D65182D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.6:*:domino:*:*:*:*:*",
"matchCriteriaId": "5D04308D-D372-4760-B67F-A25DEEDF52E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:8.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "2ABC5ED9-168A-4420-9286-179345BD89DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA92128-13DD-47D8-8822-23C4CDDFB715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "B00BFCE1-D01F-408C-931B-A19BC472124B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5F6573-0FF1-4660-A9B9-5C6696525C82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autonomy:keyview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A31DE25-F7B5-4AEA-B870-2B852F4FD8A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en xlssr.dll en Autonomy KeyView XLS viewer(tambi\u00e9n conocido como File Viewer para Excel)usado en IBM Lotus Notes v5.x hasta v8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), y otros productos, permite a atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de una manipulaci\u00f3n de la hoja de c\u00e1lculo .xls adjunta."
}
],
"id": "CVE-2009-3037",
"lastModified": "2024-11-21T01:06:22.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-09-01T16:30:00.767",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36472"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36474"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36042"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36124"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-11-10 02:46
Modified
2024-11-21 00:38
Severity ?
Summary
Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| activepdf | docconverter | 3.8.2_.5 | |
| autonomy | keyview_export_sdk | * | |
| autonomy | keyview_filter_sdk | * | |
| autonomy | keyview_viewer_sdk | * | |
| ibm | lotus_notes | * | |
| symantec | mail_security | 5.0 | |
| symantec | mail_security | 5.0 | |
| symantec | mail_security | 5.0.0 | |
| symantec | mail_security | 5.0.0.24 | |
| symantec | mail_security | 5.0.1 | |
| symantec | mail_security | 7.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:activepdf:docconverter:3.8.2_.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0D165E31-F294-4F7E-959F-7AFE69AF90A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "872E3116-26DC-492D-94EA-7BE531299FF8",
"versionEndIncluding": "9.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07FFE40A-6A96-4131-B537-8A4D8C1494AD",
"versionEndIncluding": "9.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9E88061-F0E3-4CA9-8FCE-4B69FE4F3844",
"versionEndIncluding": "9.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F61B72CC-BC8D-40AF-AE72-5A6EEFB53B10",
"versionEndIncluding": "7.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:appliance:*:*:*:*:*",
"matchCriteriaId": "0648861C-A58E-4103-8720-4480C2F098FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0.24:*:appliance:*:*:*:*:*",
"matchCriteriaId": "977786AB-A76C-4A1C-8999-BF4A5E08F8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5:*:domino:*:*:*:*:*",
"matchCriteriaId": "7D29BE63-3E26-4136-BAB1-AA3D50BA71F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basados en pila en el Autonomy (antiguamente Verity) KeyView Viewer, en el Filter y en el Export SDK anterior al 9.2.0.12, como el utilizado en el ActivePDF DocConverter, en el IBM Lotus Notes anterior al 7.0.3, en el Symantec Mail Security y en otros productos, permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de modificaciones en (1) el fichero AG del kpagrdr.dll, (2) en el fichero AW del awsr.dll, (3) en el fichero DLL o el (4) EXE del exesr.dll, (5) en el fichero DOC del mwsr.dll, (6) en el fichero MIF del mifsr.dll, (7) en el fichero SAM del lasr.dll o (8) en el fichero RTF del rtfsr.dll. NOTA: el vector WPD (wp6sr.dll) se trata en la vulnerabilidad CVE-2007-5910."
}
],
"id": "CVE-2007-5909",
"lastModified": "2024-11-21T00:38:55.323",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-11-10T02:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27304"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3357"
},
{
"source": "cve@mitre.org",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018853"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018886"
},
{
"source": "cve@mitre.org",
"url": "http://vuln.sg/lotusnotes702-en.html"
},
{
"source": "cve@mitre.org",
"url": "http://vuln.sg/lotusnotes702doc-en.html"
},
{
"source": "cve@mitre.org",
"url": "http://vuln.sg/lotusnotes702mif-en.html"
},
{
"source": "cve@mitre.org",
"url": "http://vuln.sg/lotusnotes702sam-en.html"
},
{
"source": "cve@mitre.org",
"url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
},
{
"source": "cve@mitre.org",
"url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21272836"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/482664"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/483102/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/26175"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3596"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3697"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27304"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://vuln.sg/lotusnotes702-en.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://vuln.sg/lotusnotes702doc-en.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://vuln.sg/lotusnotes702mif-en.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://vuln.sg/lotusnotes702sam-en.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21272836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/482664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/483102/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/26175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-10 18:05
Modified
2024-11-21 00:37
Severity ?
Summary
Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| activepdf | docconverter | 3.8.2_.5 | |
| activepdf | docconverter | 3.8.4.0 | |
| autonomy | keyview | 2.0.0.2 | |
| autonomy | keyview | 10.3.0.0 | |
| ibm | lotus_notes | 6.0 | |
| ibm | lotus_notes | 6.5 | |
| ibm | lotus_notes | 7.0 | |
| ibm | lotus_notes | 7.0.2 | |
| ibm | lotus_notes | 7.0.3 | |
| symantec | mail_security | 5.0 | |
| symantec | mail_security | 5.0.0 | |
| symantec | mail_security | 5.0.1 | |
| symantec | mail_security | 7.5 | |
| symantec | mail_security_appliance | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:activepdf:docconverter:3.8.2_.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0D165E31-F294-4F7E-959F-7AFE69AF90A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:activepdf:docconverter:3.8.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4286B71-18BA-4BC0-9E2C-6D00A24974E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E6634684-2416-4A5C-A5C7-B1E946B33419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview:10.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "589D3BC2-ED1F-4C5B-8F94-67AE1909580D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5:*:domino:*:*:*:*:*",
"matchCriteriaId": "7D29BE63-3E26-4136-BAB1-AA3D50BA71F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA92128-13DD-47D8-8822-23C4CDDFB715",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en kpagrdr.dll 2.0.0.2 y 10.3.0.0 en el lector Applix Presents de Autonomy (anteriormente Verity) KeyView,usado por IBM Lotus Notes, Symantec Mail Security, y activePDF DocConverter, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo .ag con (1)un atributo ENCODING largo en la etiqueta *BEGIN, (2) un token largo, o (3) la etiqueta inicial *BEGIN."
}
],
"id": "CVE-2007-5405",
"lastModified": "2024-11-21T00:37:49.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-04-10T18:05:00.000",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27763"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28140"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28209"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28210"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29342"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-95/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-96/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-97/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-98/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://securitytracker.com/id?1019805"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/28454"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securitytracker.com/id?1019844"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2008/1153"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2008/1154"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2008/1156"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28210"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-95/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-96/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-97/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-98/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1153"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-03 20:19
Modified
2024-11-21 00:27
Severity ?
Summary
Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. NOTE: some information was obtained from third party sources.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | mail_security | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "96E660E2-C0F9-499F-A01D-DB368179F28F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. NOTE: some information was obtained from third party sources."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en Symantec Mail Security para SMTP 5.0 anterior a Patch 175 permite a atacantes remotos provocar denegaci\u00f3n de servicio (caida) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de cabeceras manipuladas en un mensaje e-mail. NOTA: algunas de estas informaciones se obtuvieron de terceras fuentes de informaci\u00f3n."
}
],
"id": "CVE-2007-1252",
"lastModified": "2024-11-21T00:27:52.823",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-03T20:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.symantec.com/public/english_us_canada/products/symantec_mail_security/5.0_smtp/updates/release_notes_p175.txt"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/33840"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24371"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/875633"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/22782"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017716"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0799"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32781"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.symantec.com/public/english_us_canada/products/symantec_mail_security/5.0_smtp/updates/release_notes_p175.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/875633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/22782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0799"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32781"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-05 21:17
Modified
2024-11-21 00:33
Severity ?
Summary
The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2AD14C-2BD2-4658-BDB0-232A9E26EA2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:clearswift:*:*:*:*:*",
"matchCriteriaId": "1E739083-DFC2-4A89-9F84-E067E127D420",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E65DC45B-8FA9-453E-8249-45535EA64D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DA3717-A218-459B-891C-F3F945D42A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F11687CE-E997-4D26-ACAE-B9175348ADDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:caching:*:*:*:*:*",
"matchCriteriaId": "2F90AD67-02CB-4006-B567-631FD633DB17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:clearswift:*:*:*:*:*",
"matchCriteriaId": "BC0F87D0-E4B5-41FC-8050-386B9CE04249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:microsoft_sharepoint:*:*:*:*:*",
"matchCriteriaId": "FBBFF303-3DD6-4312-94CD-37E5170A93AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:network_attached_storage:*:*:*:*:*",
"matchCriteriaId": "59962A9A-10F4-4F1B-A5AB-8743C0874963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "346F8C27-F389-412C-B7C2-2CF3344E557C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.7.27:*:*:*:*:*:*:*",
"matchCriteriaId": "51170553-03E8-4588-97A0-8DA57C37B5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.8.29:*:*:*:*:*:*:*",
"matchCriteriaId": "A32C5A4C-9E39-4718-8BF1-283183B4A516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "301B1340-A402-4D3E-AAF8-17CD8B59517D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:caching:*:*:*:*:*",
"matchCriteriaId": "52CE5595-323D-45A2-BD05-C6B2CBD6BA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:clearswift:*:*:*:*:*",
"matchCriteriaId": "3042D5B7-AE27-4664-87DB-679422029199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:messaging:*:*:*:*:*",
"matchCriteriaId": "671CBE65-1FCF-43B8-8D21-5C8CC7C17417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:microsoft_sharepoint:*:*:*:*:*",
"matchCriteriaId": "28BD859A-F57B-444C-8083-AE99E59B9DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:network_attached_storage:*:*:*:*:*",
"matchCriteriaId": "6158E16F-468A-4B76-8199-500FCAC1E54D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "992DB720-52A8-43D4-B74B-96C0F763ED0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "685F58DC-6BD3-499C-A9D5-BB9C909FE857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "95436CD6-8E9C-4F89-9683-0650F6167027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC910CFD-9F20-473E-BC2D-64A7A3C14404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "849782E0-9F26-411F-82B9-88B5FC4F4C92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAD87DB3-45C2-4091-A83B-25E427563C70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0910781-9EF9-4188-AA33-1C54F01A0832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7647813B-2B9F-4B0F-96D1-C533A49DDC6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "09AD23D0-4502-4090-9172-002B92D83C09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:scf_7.1:*:*:*:*:*",
"matchCriteriaId": "97AF14CF-3BD6-4A03-B543-3150C656198E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:build_9.0.0.338:stm:*:*:*:*:*",
"matchCriteriaId": "8A1E2653-A061-48BD-AC62-643CDD78E859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*",
"matchCriteriaId": "D934F853-C7E0-421E-9AF3-B7B49228722F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*",
"matchCriteriaId": "D608AACF-A4BC-49CE-BE49-E8F3AEF31DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*",
"matchCriteriaId": "3238894A-3C25-4CC8-A319-8AA7246FEC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D86F7A-F2C0-471C-8EA8-E1C7230F25AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.4:mr4_build1000:*:*:*:*:*:*",
"matchCriteriaId": "11C1491F-01A1-47B1-87BB-6F7676448A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.5_build_1100_mp1:mr5:*:*:*:*:*:*",
"matchCriteriaId": "9204DC08-0809-4762-B5CB-5485E67CA31D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.6:mr6:*:*:*:*:*:*",
"matchCriteriaId": "841CF36F-14A0-49A6-8442-681F25DC8DCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9641FC-FF7B-4413-8163-B795AA35C888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
"matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*",
"matchCriteriaId": "D6090F86-0B42-403F-9996-9B7670EBAA5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*",
"matchCriteriaId": "B3706E76-FC65-467E-8D09-A9EAC32E9BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
"matchCriteriaId": "BF555313-BB5A-4D8A-A3A1-609ABC39F6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*",
"matchCriteriaId": "BC74372F-329A-4597-810B-88B865771C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "DA6CFDFD-1EB4-458A-AD39-320E619593D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "05B85F14-4248-4550-BE7F-D9BAB9DC90C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build456:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "419D2E24-CA90-471D-9F35-1795F6A65B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build463:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "965DA3C4-7559-4583-A5DC-BEABEAA7E87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build465:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "EBEB8E8E-DB27-45FB-90CA-2CF3A515AC4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build736:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "8184E073-37B0-4654-8DF8-379EFC5FB0D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build741:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "C29B7C1F-C4AB-4CAB-8177-B64F4B8A2B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build743:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "D1FBFE00-4692-48C2-A6C7-9179E185A275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0.1:*:domino:*:*:*:*:*",
"matchCriteriaId": "DBE74BFA-003E-40CC-83E1-1AC7159B0C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.1:build458:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "E21CDCBA-3C86-462B-8383-58C893978EBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.1:build459:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "E6179A68-2322-4D79-9446-5A5E4B27AD33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.1:build461:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "EE92421B-C0CA-4B28-9E26-EF0A115C9330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "DC8AD646-E257-4065-B358-8B4944D327E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5.4.743:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "F50BA510-67D5-4FF1-87D0-215B68D20EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5_build_719:*:exchange:*:*:*:*:*",
"matchCriteriaId": "5CA62889-7A55-459F-BFD8-D38CD93F9219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5_build_736:*:exchange:*:*:*:*:*",
"matchCriteriaId": "766327B9-E8DA-4422-80C2-48E333161D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5_build_741:*:exchange:*:*:*:*:*",
"matchCriteriaId": "3C5FF883-831F-47CC-BD04-BBFD25BDE8DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.6.1.107:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "C6EAA83D-2073-4360-BD3C-59AF34EADE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.6.3:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "60D239DF-65AD-4492-AEE1-FCD36E99DD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.6_build_97:*:exchange:*:*:*:*:*",
"matchCriteriaId": "7AD92ABA-2D03-46FD-85D5-33FC369015DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "96E660E2-C0F9-499F-A01D-DB368179F28F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0.204:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "8E1C4824-3774-41EF-80E1-42A417830978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.1.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "A3D2C4B6-2F13-4487-989E-AC247D4D011A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "091D4557-21F6-412F-933A-9F0FD8152E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:corporate_edition_for_linux:*:*:*:*:*",
"matchCriteriaId": "2CC0DE59-149C-42DD-9516-BDB79A9BC412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "88FE6753-A619-4703-8120-F23EEC8C48EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "497635AC-D7F2-4A5C-8C37-DA493C9681A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "E72D8D65-340C-4505-AA80-F9E7870513EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "774AD674-895A-4242-9AC9-BAD6CB862785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "242D33E8-1B6B-4562-9F2A-1B34E3B7BC71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "C9797D21-CD64-4B61-A4C1-AC4AD3F9B3D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "252ACD1B-323F-4139-880D-89D600F29986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "618F6F78-566A-4901-8B57-BB6DCAC7E892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "B2D0922A-3EA3-4BC9-9311-9DCA57338CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "EB7F329F-4390-4735-B2C2-BC6A72FBE36A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "A5D058F6-779B-4ED4-ADC7-A68491F72BAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:mr4_build_1000:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "29E1AF72-6D48-4DAF-904A-B55366189251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "4B5EE3B2-FF16-4231-B99D-81CB10239576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "7D26AB91-36AB-4BF6-9D0D-098F04C60AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.6.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "E5E0AB4E-4DD0-4D87-BBE5-B459A8B7301F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "4433613D-EB44-4D60-861F-F9FFA2ED4F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "7225A578-8F62-42BD-99AC-D3385478613A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "FF0903BD-3E78-4024-A773-16100F519B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.0.359:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "BF18D806-E781-4F17-9341-D48CBC06949E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "1B390577-F1F1-4821-90FB-967E749F7CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "88AA69B4-865C-4959-9681-62A7591D6CFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1007:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "55EDC888-F593-49E8-95A4-87D8FE9CC09A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1008:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B7A47F4F-DC34-4B7D-9C3A-4631FFFC1142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B70ACBE6-C754-4A6F-AC2F-89657DA179E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "8C6C2421-5651-4B3F-9DBC-DC411C989BE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "5B967B9A-215D-470A-9722-5782D0AE0980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "F4BFDD98-F70E-41A9-9245-7EC5D140D4F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "DFC9BF64-65E7-4E0E-A637-13794A02CEED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "6B188333-A087-4FC7-864B-F802932455F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "A33A8A08-F356-4616-A603-00ADCC062D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B5889206-CE1C-489B-8984-EE4055BBC6BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.4:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "62EA1AE0-6A8B-4C13-B95D-7F9694AD5535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.4:mr4_mp1_build4010:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B31249CA-296D-42C2-8939-61B990559BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.4.4010:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "5C6B6D3A-715A-45B9-8231-77A6DE847973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.394:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "73A3CB7B-DD39-48E7-8D33-1E222933A7D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.396:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "116F0C9D-9255-4B98-B1CF-C78A96240784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "A8957B43-0673-439F-86F6-5791372BA498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.401:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "D2ACD718-6232-463A-ACEE-B06A02D3243A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.9.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "44073E2A-A8AB-4D1A-BCFC-8439E40E97E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5E129A-4FA8-4084-92BE-5A65FABD53DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2004:*:professional:*:*:*:*:*",
"matchCriteriaId": "C2E302A4-72F8-478B-9FA2-2536902986B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "11477B6E-C4C5-4664-91A7-D253077981F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:professional:*:*:*:*:*",
"matchCriteriaId": "3967227C-FCB1-486E-A6C4-43B8004C4A12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:11.0:*:*:*:*:*:*",
"matchCriteriaId": "894F1929-1029-4B57-A66A-EA58F7D94D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:11.0.9:*:*:*:*:*:*",
"matchCriteriaId": "C532E93A-5D0D-454D-8B14-F5E9C6A0499F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "44843812-35FC-4378-B239-EEC74A0C8A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:3.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "D2259605-B720-42B0-8476-6CAE07C7B143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*",
"matchCriteriaId": "09CA1AC8-E273-44C1-9D1C-19542EB57433",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "06C7CD61-A47B-4521-8C6F-4BB1F4C95614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:professional:*:*:*:*:*",
"matchCriteriaId": "E4BBE123-56E1-46E0-93BE-38F0932D9C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.0:*:*:*:*:*:*",
"matchCriteriaId": "F39AE3D7-7018-47AB-B332-D40EA5273CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.0.9:*:*:*:*:*:*",
"matchCriteriaId": "82446BA3-92F9-4689-9D67-3CE159AA0F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.5.6.14:*:*:*:*:*:*",
"matchCriteriaId": "98F9F2E3-1775-4EF9-9FE0-0D011307C269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:professional:*:*:*:*:*",
"matchCriteriaId": "1DE91FB9-35C3-4DC7-BE00-7C60EE9FD880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C890A979-00E7-44E6-8CEA-8E4B2C966622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8C73F1-FEF1-40A3-BFAB-CE226B98E001",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC50007-59F4-45B0-BABF-BCF2CAB4A9B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:3.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "F648A08A-24EF-45A5-B7FD-00CAD5892061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "F589D9AA-FD1B-4929-93DC-801C36087E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "29F670F0-FD5D-447C-94B8-691482D907F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:premier:*:*:*:*:*",
"matchCriteriaId": "CBB1521D-B16D-4E28-8723-AF96E95D7596",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:11.0:*:*:*:*:*:*",
"matchCriteriaId": "67EECA52-EECB-4AAA-85F9-ADBE028B8068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:11.0.9:*:*:*:*:*:*",
"matchCriteriaId": "CE8022C6-360B-4A3D-AD70-3DC79B339231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "05EB078C-2538-4961-ABFF-6C4601C3977F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:symantec_antivirus_filtering_\\+for_domino:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "37AE8BC0-663C-4D1D-8FF5-13F682BBEE79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "60B08F85-A0E6-4984-83E9-41CD29751BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "690F3A5F-F990-41C9-9964-B033188C86F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43E4FAC8-2893-48FA-B159-49C8AA380338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1.70:*:*:*:*:*:*:*",
"matchCriteriaId": "5D37768F-A43C-420E-85CA-A5EF3E30F47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1.76:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE3F492-D08F-4558-BC19-F33BBB0D55A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.70:*:*:*:*:*:*:*",
"matchCriteriaId": "B4CD5C31-4F4A-44F1-A3E1-2B4BB78E152D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.72:*:*:*:*:*:*:*",
"matchCriteriaId": "F39BAADB-6BF1-4871-ABEC-4BFA1321FE59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.74:*:*:*:*:*:*:*",
"matchCriteriaId": "451A414E-1A02-45D1-8DFC-61B3E17BF12A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.59:*:*:*:*:*:*:*",
"matchCriteriaId": "B05B8522-E203-49A0-8C5B-3DA7B06AF5AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.60:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD064CE-3C39-4243-B59E-CC8E48ED50DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.61:*:*:*:*:*:*:*",
"matchCriteriaId": "9886B467-793C-4D07-9B1B-B80FA5266D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.62:*:*:*:*:*:*:*",
"matchCriteriaId": "676F5A96-B21B-49FF-86EA-F18F9C3931C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.63:*:*:*:*:*:*:*",
"matchCriteriaId": "18991132-C5B6-43AB-BDCB-196BB2957F27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.67:*:*:*:*:*:*:*",
"matchCriteriaId": "42CE2596-83A9-4A80-A8C6-825EDEAAB8B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.68:*:*:*:*:*:*:*",
"matchCriteriaId": "CBA16BAF-6263-44EA-B3EB-187264913D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:5.0:*:microsoft_isa_2004:*:*:*:*:*",
"matchCriteriaId": "8E7C32F4-1225-4A4E-BD98-DFE026383482",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5000_series:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76147168-37FB-444C-BD40-EFC31A0A499A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA896DF0-76AD-4CEE-9FE0-5E6758FC9A68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:mail_security_8820_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "823BD557-6352-4EC2-AE78-2C0CE6F660D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header."
},
{
"lang": "es",
"value": "El componente Decomposer en m\u00faltiples productos Symantec permite a atacantes remotos provocar denegaci\u00f3n de servicio (bucles infinitos) a trav\u00e9s de ciertos valores en el campo PACK_SIZE de una cabecera de archivo RAR."
}
],
"id": "CVE-2007-3699",
"lastModified": "2024-11-21T00:33:51.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-10-05T21:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36119"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26053"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24282"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-039.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-15 18:15
Modified
2024-11-21 04:23
Severity ?
Summary
Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | https://support.symantec.com/us/en/article.SYMSA1488.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.symantec.com/us/en/article.SYMSA1488.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection_manager | * | |
| symantec | endpoint_protection_manager | 14.2 | |
| symantec | mail_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A27B5A0-A047-4AC5-9CE1-7808641BCCE5",
"versionEndIncluding": "14.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_manager:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C72A5FE1-0382-46BC-9E8F-B338443F89AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:*:*:*:*:*:microsoft_exchange:*:*",
"matchCriteriaId": "D14A6653-25F7-44AF-A7E3-37842B9D1B8D",
"versionEndExcluding": "7.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection Manager (SEPM) y Symantec Mail Security for MS Exchange (SMSMSE), versiones anteriores a las versiones 14.2 RU2 y 7.5.x respectivamente, pueden ser susceptibles a una vulnerabilidad de escalada de privilegios, que es un tipo de problema por el cual un atacante puede intentar comprometer la aplicaci\u00f3n de software para conseguir un acceso elevado a recursos que normalmente est\u00e1n protegidos de una aplicaci\u00f3n o un usuario."
}
],
"id": "CVE-2019-12759",
"lastModified": "2024-11-21T04:23:30.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-15T18:15:10.907",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-21 17:15
Modified
2024-11-21 01:45
Severity ?
Summary
Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of underlying issues" in which "some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FE05C15-E8B6-440F-BFB5-4A1CA7D3B382",
"versionEndIncluding": "8.5.3.6",
"versionStartIncluding": "8.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:notes:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8FF0B4-21A9-414D-938A-B27D6EF8350E",
"versionEndIncluding": "8.5.3",
"versionStartIncluding": "8.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B17C35B-5DF5-42CF-B97E-FB2D24747603",
"versionEndExcluding": "11.6.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_enforce\\/detection_servers:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "32914759-628E-4F6E-8ADA-291F4F80FF62",
"versionEndExcluding": "11.6.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_enforce\\/detection_servers:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "056E5F20-0573-45E8-80A2-F1B5516500EF",
"versionEndExcluding": "11.6.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:*:*:*:*:*:microsoft_exchange:*:*",
"matchCriteriaId": "05E1DA05-2A64-4B66-9C3A-42407BAE35F4",
"versionEndIncluding": "6.5.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:*:*:*:*:*:domino:*:*",
"matchCriteriaId": "741E89BC-A1F6-4385-B5FC-8541E9C71BB8",
"versionEndIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B40695CA-A51A-4383-9E99-5FBC1AD8F6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:messaging_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A7C81B-DA0B-4A32-98ED-9D3A26CB3A49",
"versionEndExcluding": "10.0.1",
"versionStartIncluding": "9.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:autonomy_keyview_idol:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D21A9CB-B944-4087-A20F-5DBDDB43E6D1",
"versionEndExcluding": "10.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to \"a number of underlying issues\" in which \"some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code.\""
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en Autonomy KeyView IDOL versiones anteriores a 10.16, como es usado en Symantec Mail Security para Microsoft Exchange versiones anteriores a 6.5.8, Symantec Mail Security para Domino versiones anteriores a 8.1.1, Symantec Messaging Gateway versiones anteriores a 10.0.1, Symantec Data Loss Prevention (DLP) versiones anteriores a 11.6.1, IBM Notes versiones 8.5.x, IBM Lotus Domino versiones 8.5.x anteriores a 8.5.3 FP4, y otros productos, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) por medio de un archivo dise\u00f1ado, relacionado con \"una serie de problemas subyacentes\" en los que \"algunos de estos casos demostraron corrupci\u00f3n de la memoria con una entrada controlada por el atacante y podr\u00edan ser explotados para ejecutar c\u00f3digo arbitrario\"."
}
],
"id": "CVE-2012-6277",
"lastModified": "2024-11-21T01:45:58.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-21T17:15:10.883",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.symsa1262.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/viewAlert.x?alertId=27482"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://vulmon.com/vulnerabilitydetails?qid=CVE-2012-6277"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.energy.gov/cio/articles/v-118-ibm-lotus-domino-multiple-vulnerabilities"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-addressed-in-ibm-notes-9-0-cve-2011-3026-cve-2012-6349-cve-2012-6277/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/849841/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/56610"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/plugins/nessus/67192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.symsa1262.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/viewAlert.x?alertId=27482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://vulmon.com/vulnerabilitydetails?qid=CVE-2012-6277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.energy.gov/cio/articles/v-118-ibm-lotus-domino-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-addressed-in-ibm-notes-9-0-cve-2011-3026-cve-2012-6349-cve-2012-6277/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/849841/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/56610"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/plugins/nessus/67192"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-02-08 05:00
Modified
2024-11-20 23:54
Severity ?
Summary
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5797D88E-6D89-46F9-AC32-154754D6B856",
"versionEndExcluding": "4.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "95436CD6-8E9C-4F89-9683-0650F6167027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC910CFD-9F20-473E-BC2D-64A7A3C14404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*",
"matchCriteriaId": "BE15AE1D-8647-444F-90F0-FC658A3AC344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*",
"matchCriteriaId": "0C03FA86-F2E6-4E41-8368-E917C91D7837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*",
"matchCriteriaId": "95BF74F0-40F1-4395-AC85-E6B566950C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*",
"matchCriteriaId": "994CB184-AFE8-4673-ACE8-085813F1E71F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*",
"matchCriteriaId": "85CF6FFB-4189-4558-A70D-DE6D4C0C1F82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*",
"matchCriteriaId": "31D6A148-A92C-4FCA-8762-16764D62C363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*",
"matchCriteriaId": "3E6E2EA2-88DA-4DF0-9AA3-3E3D2C80C04E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*",
"matchCriteriaId": "FB47C16B-5221-4D64-BDB2-65D072A66C02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*",
"matchCriteriaId": "204F2046-F116-45D7-9256-179A3B59886A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0C67C0-3CF1-4BAD-A673-9B783E1D0724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*",
"matchCriteriaId": "274EA5DA-9519-46DE-B11E-87BDF1978E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*",
"matchCriteriaId": "044C020A-0BCC-4037-BC32-73385A0BE019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:gateway_security:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A939A3CE-BFBB-4950-A0D3-D5731AABF602",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:gateway_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5BC7324C-0415-4349-A625-04A8209D7709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:gateway_security:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "031C9545-1CF1-46EF-B79C-7AD69E1B1C82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "DA6CFDFD-1EB4-458A-AD39-320E619593D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.1:build_458:exchange:*:*:*:*:*",
"matchCriteriaId": "15436586-B0EE-40F4-9051-90953CF3684D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.1:build_459:exchange:*:*:*:*:*",
"matchCriteriaId": "96290C64-A507-46B6-908D-AD567A21899F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.1:build_461:exchange:*:*:*:*:*",
"matchCriteriaId": "2955A350-222F-4AD9-9745-9468D46503F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5_build_719:*:exchange:*:*:*:*:*",
"matchCriteriaId": "5CA62889-7A55-459F-BFD8-D38CD93F9219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2.18_build_83:*:exchange:*:*:*:*:*",
"matchCriteriaId": "3E906A81-4081-438E-948C-FC82BF7203F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E626F14C-FDE9-4C6A-8CE7-B99CD4FEE485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EC4CFE5A-4D51-405D-B92E-37DE4E617ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*",
"matchCriteriaId": "727A116A-D18C-4F3F-A6A8-2C6107FFB8C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4A6612F1-4CA8-427A-AED4-854F943BA3D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*",
"matchCriteriaId": "8BB225A0-7FB9-4AD2-8ED2-5CC1AEBAAB3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9603C423-F24A-4607-B721-D02EDA94AE8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*",
"matchCriteriaId": "574AAAA6-8181-457B-84CE-5AEB1895E3B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DF957AD3-B6E5-4BD7-832F-33E734817B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*",
"matchCriteriaId": "14D862F4-BE5F-4E6B-9955-ACFB48A5D3B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*",
"matchCriteriaId": "768B7F5E-E4AD-420E-92FA-A58E1AE3D1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C15B7FEA-E6A9-4DBE-B1A9-E17E91512A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh_corporate:*:*:*:*:*",
"matchCriteriaId": "DFD3D01C-9169-4CFE-9EA0-61D32BFA8943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2004:*:windows:*:*:*:*:*",
"matchCriteriaId": "A7FC3B67-D36C-4C9F-B5DC-8FBE3D6E9E29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*",
"matchCriteriaId": "09CA1AC8-E273-44C1-9D1C-19542EB57433",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2004:*:windows:*:*:*:*:*",
"matchCriteriaId": "676BCD67-231B-409B-AE6B-D00314C30C9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:sav_filter_domino_nt_ports:build3.0.5:*:aix:*:*:*:*:*",
"matchCriteriaId": "20030FF8-7275-4AFB-A051-C78F3D3990D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:sav_filter_domino_nt_ports:build3.0.5:*:os_400:*:*:*:*:*",
"matchCriteriaId": "4CD83506-91E9-4556-A993-8FDD31FBDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:sav_filter_for_domino_nt:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4004DB50-022B-48C9-B9E5-5110DF37A0B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.59:*:*:*:*:*:*:*",
"matchCriteriaId": "B05B8522-E203-49A0-8C5B-3DA7B06AF5AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.60:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD064CE-3C39-4243-B59E-CC8E48ED50DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.61:*:*:*:*:*:*:*",
"matchCriteriaId": "9886B467-793C-4D07-9B1B-B80FA5266D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.62:*:*:*:*:*:*:*",
"matchCriteriaId": "676F5A96-B21B-49FF-86EA-F18F9C3931C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.63:*:*:*:*:*:*:*",
"matchCriteriaId": "18991132-C5B6-43AB-BDCB-196BB2957F27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.67:*:*:*:*:*:*:*",
"matchCriteriaId": "42CE2596-83A9-4A80-A8C6-825EDEAAB8B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.68:*:*:*:*:*:*:*",
"matchCriteriaId": "CBA16BAF-6263-44EA-B3EB-187264913D8D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header."
}
],
"id": "CVE-2005-0249",
"lastModified": "2024-11-20T23:54:43.433",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-02-08T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1013133"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/107822"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.symantec.com/avcenter/security/Content/2005.02.08.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/187"
},
{
"source": "cve@mitre.org",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18869"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1013133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/107822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.symantec.com/avcenter/security/Content/2005.02.08.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18869"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-07-18 22:55
Modified
2024-11-21 01:24
Severity ?
Summary
Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Symantec Mail Security (SMS) 6.x through 8.x, Symantec Brightmail and Messaging Gateway before 9.5.1, and Symantec Data Loss Prevention (DLP) before 10.5.3 and 11.x before 11.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .prz file. NOTE: this may overlap CVE-2011-1217.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE8C3973-B0BC-4649-BAE3-2A8E7A43711D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "23814C81-4058-4772-99FE-ACF667F3F007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4CCA5D-0586-4453-BEA1-04E8D33853F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:brightmail_and_messaging_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7D06A2B-40DA-4F28-85AD-BFF9D21F4AB6",
"versionEndIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_and_messaging_gateway:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC3C1B7-73FC-407A-9EFB-7B25F67F6B74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_and_messaging_gateway:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D70FC5D5-0230-4E06-852B-6F44D3C30956",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_and_messaging_gateway:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CD7C7F5-B444-4205-95E8-66EEF09C5B57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_and_messaging_gateway:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "00FCAADA-AF2C-4B77-85FD-164977D72854",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_and_messaging_gateway:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7B69880-197A-4CDF-8137-FA7265F47899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_and_messaging_gateway:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D2391478-B933-4D12-83AF-7627B2AA9BF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_and_messaging_gateway:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8DC9D871-3946-4A9A-9A64-9AB5B3E9632D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_and_messaging_gateway:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "109EAF12-19C9-4332-B7E6-D39A85508220",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CB5ECA0-85AC-4DAC-9CBA-35E729D1BB1B",
"versionEndIncluding": "10.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDD5F65-FC86-4BAF-8C09-85A2A171CB29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D816241-534F-4CC9-9D3B-EF7E44655DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A128389-3A28-45A9-A6A3-C0AB0726EBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFCC69D1-4565-4EBC-AC34-685C24AB3282",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "062A4D59-651B-41A7-B787-33F6970790C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A0DBE01A-3C12-494C-B7E9-0BCD406C74A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "40CF3C33-4C43-4428-908A-7C16C3004EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:10:*:*:*:*:*:*:*",
"matchCriteriaId": "1F542CC1-193B-4503-B106-E0423BF88B07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD1850A-6FE6-4E0B-A15C-9FBDD7E8A80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:10.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11044D7D-313E-4E16-A096-E1B79C02919B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46F9853C-025D-4C4E-B895-6DBCE65DFE11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Symantec Mail Security (SMS) 6.x through 8.x, Symantec Brightmail and Messaging Gateway before 9.5.1, and Symantec Data Loss Prevention (DLP) before 10.5.3 and 11.x before 11.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .prz file. NOTE: this may overlap CVE-2011-1217."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en Lotus Freelance Graphics PRZ file viewer en Auntonomy KeyView, tal como se utiliza en Symantec Mail Security (SMS) v6.x hasta v8.x, Symantec Brightmail y Messaging Gateway antes de v9.5.1, y Symantec Data Loss Prevention (DLP) antes de v10.5.3 y v11.x antes de v11,1, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) o ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero .prz manipulado. Nota: Esta vulnerabilidad puede solaparse con CVE-2011-1217"
}
],
"id": "CVE-2011-0548",
"lastModified": "2024-11-21T01:24:16.130",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-07-18T22:55:00.860",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44779"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1025594"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1025595"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1025596"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110531_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110531_00"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-10 18:05
Modified
2024-11-21 00:39
Severity ?
Summary
Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| activepdf | docconverter | 3.8.4.0 | |
| autonomy | keyview | 2.0.0.2 | |
| autonomy | keyview | 10.3.0.0 | |
| ibm | lotus_notes | 6.0 | |
| ibm | lotus_notes | 6.5 | |
| ibm | lotus_notes | 7.0 | |
| ibm | lotus_notes | 7.0.2 | |
| ibm | lotus_notes | 7.0.3 | |
| symantec | mail_security | 5.0 | |
| symantec | mail_security | 5.0.0 | |
| symantec | mail_security | 5.0.1 | |
| symantec | mail_security | 7.5 | |
| symantec | mail_security_appliance | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:activepdf:docconverter:3.8.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4286B71-18BA-4BC0-9E2C-6D00A24974E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E6634684-2416-4A5C-A5C7-B1E946B33419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview:10.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "589D3BC2-ED1F-4C5B-8F94-67AE1909580D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5:*:domino:*:*:*:*:*",
"matchCriteriaId": "7D29BE63-3E26-4136-BAB1-AA3D50BA71F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA92128-13DD-47D8-8822-23C4CDDFB715",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basados en pila en foliosr.dll en el lector r\u00e1pido Folio Flat File de Autonomy (anteriormente Verity) KeyView 10.3.0.0, usado por IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, permiten a atacentes remotos ejecutar c\u00f3digo de su elecci\u00f3na trav\u00e9s de un valor largo en los atributos de las etiquetas (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS en un fichero .fff."
}
],
"id": "CVE-2007-6020",
"lastModified": "2024-11-21T00:39:11.773",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-04-10T18:05:00.000",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27763"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28140"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28209"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28210"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29342"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-104/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-105/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-106/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-107/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://securitytracker.com/id?1019805"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/490827/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/490829/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/490830/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/490831/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/28454"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securitytracker.com/id?1019841"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2008/1153"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2008/1154"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2008/1156"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28210"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-104/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-105/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-106/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-107/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490827/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490829/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490830/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490831/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1153"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41716"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-26 17:07
Modified
2024-11-21 00:19
Severity ?
Summary
Premium Antispam in Symantec Mail Security for Domino Server 5.1.x before 5.1.2.28 does not filter certain SMTP address formats, which allows remote attackers to use the product as a spam relay.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | mail_security | 5.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.1.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "A3D2C4B6-2F13-4487-989E-AC247D4D011A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Premium Antispam in Symantec Mail Security for Domino Server 5.1.x before 5.1.2.28 does not filter certain SMTP address formats, which allows remote attackers to use the product as a spam relay."
},
{
"lang": "es",
"value": "Premium Antispam de Symantec Mail Security para Domino Server 5.1.x anterioers a 5.1.2.28 no filtra formatos de direcciones SMTP concretas, que permite a atacantes remotos utilizar el producto como un retransmisor de correo no deseado (spam)."
}
],
"id": "CVE-2006-5545",
"lastModified": "2024-11-21T00:19:40.273",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-26T17:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22490"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.10.19.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017094"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/29895"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/19866"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4118"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.10.19.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/29895"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/19866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29676"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-06-27 17:30
Modified
2024-11-21 00:29
Severity ?
Summary
libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service (crash) via a crafted executable attachment in an e-mail, involving the detection of "PE-Shield v0.2" and "ASPack v1.00-1.08.02".
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | mail_security_8820_appliance | * | |
| symantec | mail_security | 5.0.0 | |
| symantec | mail_security | 5.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:mail_security_8820_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "685D4803-ADA2-4512-87B7-0BAF0D1899A2",
"versionEndIncluding": "5.0.0-35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service (crash) via a crafted executable attachment in an e-mail, involving the detection of \"PE-Shield v0.2\" and \"ASPack v1.00-1.08.02\"."
},
{
"lang": "es",
"value": "libdayzero.dll en el servicio Filter Hub (filter-hub.exe) en Symantec Mail Security para SMTP anterior a 5.0.1 Patch 181 y Mail Security Appliance anterior a 5.0.0-36 permite a atacantes remotos provocar denegaci\u00f3n de servicio (caida) a trav\u00e9s de adjuntos ejecutables manipulados en un e-mail, afectando a la detecci\u00f3n de \"PE-Shield v0.2\" y \"ASPack v1.00-1.08.02\"."
}
],
"id": "CVE-2007-1792",
"lastModified": "2024-11-21T00:29:10.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-06-27T17:30:00.000",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://osvdb.org/36110"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24632"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-48/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.06.26.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/archive/1/472440/100/0/threaded"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/24625"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securitytracker.com/id?1018301"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2007/2335"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-48/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.06.26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/472440/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24625"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35105"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-17 20:00
Modified
2024-11-21 01:11
Severity ?
Summary
Stack-based buffer overflow in the SpreadSheet Lotus 123 reader (wkssr.dll), as used in Autonomy KeyView 10.4 and 10.9, Symantec Mail Security, and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to floating point conversion in unknown record types.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| autonomy | keyview_export_sdk | 10.4 | |
| autonomy | keyview_export_sdk | 10.9 | |
| autonomy | keyview_filter_sdk | 10.4 | |
| autonomy | keyview_filter_sdk | 10.9 | |
| autonomy | keyview_viewer_sdk | 10.4 | |
| autonomy | keyview_viewer_sdk | 10.9 | |
| symantec | mail_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F588C397-FB3F-4A04-A015-B6F6D9C3B994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:10.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C456319D-6699-4970-A146-6E52DD285D7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C558D1E3-4C6B-4C00-A415-5B9E343073D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:10.9:*:*:*:*:*:*:*",
"matchCriteriaId": "706571F3-D347-4760-A55B-4F465DAFCBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4056FDC9-27A4-41D9-9C84-B50A66F30161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10.9:*:*:*:*:*:*:*",
"matchCriteriaId": "73ECC62B-CED2-4401-A2F7-8E714D20D111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24C40C7A-702F-4B72-A24B-385990EA6511",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the SpreadSheet Lotus 123 reader (wkssr.dll), as used in Autonomy KeyView 10.4 and 10.9, Symantec Mail Security, and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to floating point conversion in unknown record types."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el lector SpreadSheet Lotus 123 (wkssr.dll), como el usado en Autonomy KeyView v10.4 y v10.9, Symantec Mail Security, y posiblemente otros productos, permite a los atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de vectores no especificados relacionados con conversi\u00f3n de coma flotante en tipos de registro desconocidos."
}
],
"id": "CVE-2010-0131",
"lastModified": "2024-11-21T01:11:35.867",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-08-17T20:00:02.547",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2010-23/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2010-25/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/41928"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100727_01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2010-23/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2010-25/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/41928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100727_01"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:57
Severity ?
Summary
Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus_scan_engine | 4.3.7.27 | |
| symantec | mail_security | 4.0.5.66 | |
| symantec | mail_security | 4.5.4.743 | |
| symantec | norton_antivirus | 2005_11.0.0 | |
| symantec | norton_internet_security | 2005_contains_nav_11.0.0 | |
| symantec | norton_system_works | 2005_contains_nav_11.0.0 | |
| symantec | symav_filter_domino_nt | 3.1.1.87 | |
| symantec | web_security | 3.0.1.72 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.7.27:*:*:*:*:*:*:*",
"matchCriteriaId": "51170553-03E8-4588-97A0-8DA57C37B5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0.5.66:*:smtp:*:*:*:*:*",
"matchCriteriaId": "111FA175-C681-4524-AF08-1C65C44189CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5.4.743:*:exchange:*:*:*:*:*",
"matchCriteriaId": "AF7B2BEA-4030-4360-ABA6-8DF44DB67E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005_11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AEBDC11-A174-4974-8D57-469CD9C749C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005_contains_nav_11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7FE1A0A-4352-459A-892D-29AB14AA3B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005_contains_nav_11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB2DC849-2C1D-43B5-B9A9-599DAA05EE8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:symav_filter_domino_nt:3.1.1.87:*:*:*:*:*:*:*",
"matchCriteriaId": "54C8D211-9151-4D95-907E-19BD465C320E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1.72:*:*:*:*:*:*:*",
"matchCriteriaId": "47BC2FF9-A77F-46B8-A714-BBA08A81E5A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file."
}
],
"id": "CVE-2005-1346",
"lastModified": "2024-11-20T23:57:08.207",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.04.27.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.04.27.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-11-10 02:46
Modified
2024-11-21 00:38
Severity ?
Summary
Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| activepdf | docconverter | 3.8.2_.5 | |
| autonomy | keyview_export_sdk | * | |
| autonomy | keyview_filter_sdk | * | |
| autonomy | keyview_viewer_sdk | * | |
| ibm | lotus_notes | * | |
| symantec | mail_security | 5.0 | |
| symantec | mail_security | 5.0 | |
| symantec | mail_security | 5.0.0 | |
| symantec | mail_security | 5.0.0.24 | |
| symantec | mail_security | 5.0.1 | |
| symantec | mail_security | 7.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:activepdf:docconverter:3.8.2_.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0D165E31-F294-4F7E-959F-7AFE69AF90A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "872E3116-26DC-492D-94EA-7BE531299FF8",
"versionEndIncluding": "9.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07FFE40A-6A96-4131-B537-8A4D8C1494AD",
"versionEndIncluding": "9.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9E88061-F0E3-4CA9-8FCE-4B69FE4F3844",
"versionEndIncluding": "9.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F61B72CC-BC8D-40AF-AE72-5A6EEFB53B10",
"versionEndIncluding": "7.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:appliance:*:*:*:*:*",
"matchCriteriaId": "0648861C-A58E-4103-8720-4480C2F098FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0.24:*:appliance:*:*:*:*:*",
"matchCriteriaId": "977786AB-A76C-4A1C-8999-BF4A5E08F8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5:*:domino:*:*:*:*:*",
"matchCriteriaId": "7D29BE63-3E26-4136-BAB1-AA3D50BA71F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el Autonomy (antiguamente Verity) KeyView Viewer, en el Filter y en el Export SDK anterior al 9.2.0.12, como el utilizado en el ActivePDF DocConverter, en el wp6sr.dll del IBM Lotus Notes 8.0 y anteriores al 7.0.3, en el Symantec Mail Security y en otros productos, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero modificado de WordPerfect (WPD)."
}
],
"id": "CVE-2007-5910",
"lastModified": "2024-11-21T00:38:55.483",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-11-10T02:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27304"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3357"
},
{
"source": "cve@mitre.org",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018853"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018886"
},
{
"source": "cve@mitre.org",
"url": "http://vuln.sg/lotusnotes702-en.html"
},
{
"source": "cve@mitre.org",
"url": "http://vuln.sg/lotusnotes702wpd-en.html"
},
{
"source": "cve@mitre.org",
"url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/482664"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26175"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3596"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27304"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://vuln.sg/lotusnotes702-en.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://vuln.sg/lotusnotes702wpd-en.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/482664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3697"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-05 21:17
Modified
2024-11-21 00:25
Severity ?
Summary
Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2AD14C-2BD2-4658-BDB0-232A9E26EA2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:clearswift:*:*:*:*:*",
"matchCriteriaId": "1E739083-DFC2-4A89-9F84-E067E127D420",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E65DC45B-8FA9-453E-8249-45535EA64D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DA3717-A218-459B-891C-F3F945D42A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F11687CE-E997-4D26-ACAE-B9175348ADDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:caching:*:*:*:*:*",
"matchCriteriaId": "2F90AD67-02CB-4006-B567-631FD633DB17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:clearswift:*:*:*:*:*",
"matchCriteriaId": "BC0F87D0-E4B5-41FC-8050-386B9CE04249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:microsoft_sharepoint:*:*:*:*:*",
"matchCriteriaId": "FBBFF303-3DD6-4312-94CD-37E5170A93AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:network_attached_storage:*:*:*:*:*",
"matchCriteriaId": "59962A9A-10F4-4F1B-A5AB-8743C0874963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "346F8C27-F389-412C-B7C2-2CF3344E557C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.7.27:*:*:*:*:*:*:*",
"matchCriteriaId": "51170553-03E8-4588-97A0-8DA57C37B5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.8.29:*:*:*:*:*:*:*",
"matchCriteriaId": "A32C5A4C-9E39-4718-8BF1-283183B4A516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "301B1340-A402-4D3E-AAF8-17CD8B59517D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:caching:*:*:*:*:*",
"matchCriteriaId": "52CE5595-323D-45A2-BD05-C6B2CBD6BA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:clearswift:*:*:*:*:*",
"matchCriteriaId": "3042D5B7-AE27-4664-87DB-679422029199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:messaging:*:*:*:*:*",
"matchCriteriaId": "671CBE65-1FCF-43B8-8D21-5C8CC7C17417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:microsoft_sharepoint:*:*:*:*:*",
"matchCriteriaId": "28BD859A-F57B-444C-8083-AE99E59B9DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:network_attached_storage:*:*:*:*:*",
"matchCriteriaId": "6158E16F-468A-4B76-8199-500FCAC1E54D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "992DB720-52A8-43D4-B74B-96C0F763ED0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "685F58DC-6BD3-499C-A9D5-BB9C909FE857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "95436CD6-8E9C-4F89-9683-0650F6167027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC910CFD-9F20-473E-BC2D-64A7A3C14404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "849782E0-9F26-411F-82B9-88B5FC4F4C92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAD87DB3-45C2-4091-A83B-25E427563C70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0910781-9EF9-4188-AA33-1C54F01A0832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7647813B-2B9F-4B0F-96D1-C533A49DDC6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "09AD23D0-4502-4090-9172-002B92D83C09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:scf_7.1:*:*:*:*:*",
"matchCriteriaId": "97AF14CF-3BD6-4A03-B543-3150C656198E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:build_9.0.0.338:stm:*:*:*:*:*",
"matchCriteriaId": "8A1E2653-A061-48BD-AC62-643CDD78E859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*",
"matchCriteriaId": "D934F853-C7E0-421E-9AF3-B7B49228722F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*",
"matchCriteriaId": "D608AACF-A4BC-49CE-BE49-E8F3AEF31DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*",
"matchCriteriaId": "3238894A-3C25-4CC8-A319-8AA7246FEC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D86F7A-F2C0-471C-8EA8-E1C7230F25AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.4:mr4_build1000:*:*:*:*:*:*",
"matchCriteriaId": "11C1491F-01A1-47B1-87BB-6F7676448A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.5_build_1100_mp1:mr5:*:*:*:*:*:*",
"matchCriteriaId": "9204DC08-0809-4762-B5CB-5485E67CA31D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.6:mr6:*:*:*:*:*:*",
"matchCriteriaId": "841CF36F-14A0-49A6-8442-681F25DC8DCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9641FC-FF7B-4413-8163-B795AA35C888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
"matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*",
"matchCriteriaId": "D6090F86-0B42-403F-9996-9B7670EBAA5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*",
"matchCriteriaId": "B3706E76-FC65-467E-8D09-A9EAC32E9BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
"matchCriteriaId": "BF555313-BB5A-4D8A-A3A1-609ABC39F6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*",
"matchCriteriaId": "BC74372F-329A-4597-810B-88B865771C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "DA6CFDFD-1EB4-458A-AD39-320E619593D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "05B85F14-4248-4550-BE7F-D9BAB9DC90C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build456:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "419D2E24-CA90-471D-9F35-1795F6A65B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build463:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "965DA3C4-7559-4583-A5DC-BEABEAA7E87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build465:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "EBEB8E8E-DB27-45FB-90CA-2CF3A515AC4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build736:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "8184E073-37B0-4654-8DF8-379EFC5FB0D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build741:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "C29B7C1F-C4AB-4CAB-8177-B64F4B8A2B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build743:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "D1FBFE00-4692-48C2-A6C7-9179E185A275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0.1:*:domino:*:*:*:*:*",
"matchCriteriaId": "DBE74BFA-003E-40CC-83E1-1AC7159B0C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.1:build458:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "E21CDCBA-3C86-462B-8383-58C893978EBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.1:build459:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "E6179A68-2322-4D79-9446-5A5E4B27AD33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.1:build461:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "EE92421B-C0CA-4B28-9E26-EF0A115C9330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "DC8AD646-E257-4065-B358-8B4944D327E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5.4.743:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "F50BA510-67D5-4FF1-87D0-215B68D20EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5_build_719:*:exchange:*:*:*:*:*",
"matchCriteriaId": "5CA62889-7A55-459F-BFD8-D38CD93F9219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5_build_736:*:exchange:*:*:*:*:*",
"matchCriteriaId": "766327B9-E8DA-4422-80C2-48E333161D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5_build_741:*:exchange:*:*:*:*:*",
"matchCriteriaId": "3C5FF883-831F-47CC-BD04-BBFD25BDE8DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.6.1.107:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "C6EAA83D-2073-4360-BD3C-59AF34EADE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.6.3:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "60D239DF-65AD-4492-AEE1-FCD36E99DD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.6_build_97:*:exchange:*:*:*:*:*",
"matchCriteriaId": "7AD92ABA-2D03-46FD-85D5-33FC369015DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "96E660E2-C0F9-499F-A01D-DB368179F28F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0.204:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "8E1C4824-3774-41EF-80E1-42A417830978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.1.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "A3D2C4B6-2F13-4487-989E-AC247D4D011A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "091D4557-21F6-412F-933A-9F0FD8152E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:corporate_edition_for_linux:*:*:*:*:*",
"matchCriteriaId": "2CC0DE59-149C-42DD-9516-BDB79A9BC412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "88FE6753-A619-4703-8120-F23EEC8C48EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "497635AC-D7F2-4A5C-8C37-DA493C9681A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "E72D8D65-340C-4505-AA80-F9E7870513EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "774AD674-895A-4242-9AC9-BAD6CB862785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "242D33E8-1B6B-4562-9F2A-1B34E3B7BC71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "C9797D21-CD64-4B61-A4C1-AC4AD3F9B3D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "252ACD1B-323F-4139-880D-89D600F29986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "618F6F78-566A-4901-8B57-BB6DCAC7E892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "B2D0922A-3EA3-4BC9-9311-9DCA57338CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "EB7F329F-4390-4735-B2C2-BC6A72FBE36A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "A5D058F6-779B-4ED4-ADC7-A68491F72BAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:mr4_build_1000:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "29E1AF72-6D48-4DAF-904A-B55366189251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "4B5EE3B2-FF16-4231-B99D-81CB10239576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "7D26AB91-36AB-4BF6-9D0D-098F04C60AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.6.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "E5E0AB4E-4DD0-4D87-BBE5-B459A8B7301F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "4433613D-EB44-4D60-861F-F9FFA2ED4F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "7225A578-8F62-42BD-99AC-D3385478613A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "FF0903BD-3E78-4024-A773-16100F519B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.0.359:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "BF18D806-E781-4F17-9341-D48CBC06949E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "1B390577-F1F1-4821-90FB-967E749F7CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "88AA69B4-865C-4959-9681-62A7591D6CFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1007:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "55EDC888-F593-49E8-95A4-87D8FE9CC09A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1008:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B7A47F4F-DC34-4B7D-9C3A-4631FFFC1142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B70ACBE6-C754-4A6F-AC2F-89657DA179E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "8C6C2421-5651-4B3F-9DBC-DC411C989BE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "5B967B9A-215D-470A-9722-5782D0AE0980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "F4BFDD98-F70E-41A9-9245-7EC5D140D4F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "DFC9BF64-65E7-4E0E-A637-13794A02CEED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "6B188333-A087-4FC7-864B-F802932455F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "A33A8A08-F356-4616-A603-00ADCC062D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B5889206-CE1C-489B-8984-EE4055BBC6BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.4:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "62EA1AE0-6A8B-4C13-B95D-7F9694AD5535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.4:mr4_mp1_build4010:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B31249CA-296D-42C2-8939-61B990559BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.4.4010:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "5C6B6D3A-715A-45B9-8231-77A6DE847973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.394:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "73A3CB7B-DD39-48E7-8D33-1E222933A7D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.396:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "116F0C9D-9255-4B98-B1CF-C78A96240784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "A8957B43-0673-439F-86F6-5791372BA498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.401:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "D2ACD718-6232-463A-ACEE-B06A02D3243A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.9.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "44073E2A-A8AB-4D1A-BCFC-8439E40E97E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5E129A-4FA8-4084-92BE-5A65FABD53DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2004:*:professional:*:*:*:*:*",
"matchCriteriaId": "C2E302A4-72F8-478B-9FA2-2536902986B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "11477B6E-C4C5-4664-91A7-D253077981F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:professional:*:*:*:*:*",
"matchCriteriaId": "3967227C-FCB1-486E-A6C4-43B8004C4A12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:11.0:*:*:*:*:*:*",
"matchCriteriaId": "894F1929-1029-4B57-A66A-EA58F7D94D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:11.0.9:*:*:*:*:*:*",
"matchCriteriaId": "C532E93A-5D0D-454D-8B14-F5E9C6A0499F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "44843812-35FC-4378-B239-EEC74A0C8A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:3.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "D2259605-B720-42B0-8476-6CAE07C7B143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*",
"matchCriteriaId": "09CA1AC8-E273-44C1-9D1C-19542EB57433",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "06C7CD61-A47B-4521-8C6F-4BB1F4C95614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:professional:*:*:*:*:*",
"matchCriteriaId": "E4BBE123-56E1-46E0-93BE-38F0932D9C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.0:*:*:*:*:*:*",
"matchCriteriaId": "F39AE3D7-7018-47AB-B332-D40EA5273CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.0.9:*:*:*:*:*:*",
"matchCriteriaId": "82446BA3-92F9-4689-9D67-3CE159AA0F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.5.6.14:*:*:*:*:*:*",
"matchCriteriaId": "98F9F2E3-1775-4EF9-9FE0-0D011307C269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:professional:*:*:*:*:*",
"matchCriteriaId": "1DE91FB9-35C3-4DC7-BE00-7C60EE9FD880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C890A979-00E7-44E6-8CEA-8E4B2C966622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8C73F1-FEF1-40A3-BFAB-CE226B98E001",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC50007-59F4-45B0-BABF-BCF2CAB4A9B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:3.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "F648A08A-24EF-45A5-B7FD-00CAD5892061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "F589D9AA-FD1B-4929-93DC-801C36087E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "29F670F0-FD5D-447C-94B8-691482D907F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:premier:*:*:*:*:*",
"matchCriteriaId": "CBB1521D-B16D-4E28-8723-AF96E95D7596",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:11.0:*:*:*:*:*:*",
"matchCriteriaId": "67EECA52-EECB-4AAA-85F9-ADBE028B8068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:11.0.9:*:*:*:*:*:*",
"matchCriteriaId": "CE8022C6-360B-4A3D-AD70-3DC79B339231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "05EB078C-2538-4961-ABFF-6C4601C3977F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:symantec_antivirus_filtering_\\+for_domino:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "37AE8BC0-663C-4D1D-8FF5-13F682BBEE79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "60B08F85-A0E6-4984-83E9-41CD29751BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "690F3A5F-F990-41C9-9964-B033188C86F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43E4FAC8-2893-48FA-B159-49C8AA380338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1.70:*:*:*:*:*:*:*",
"matchCriteriaId": "5D37768F-A43C-420E-85CA-A5EF3E30F47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1.76:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE3F492-D08F-4558-BC19-F33BBB0D55A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.70:*:*:*:*:*:*:*",
"matchCriteriaId": "B4CD5C31-4F4A-44F1-A3E1-2B4BB78E152D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.72:*:*:*:*:*:*:*",
"matchCriteriaId": "F39BAADB-6BF1-4871-ABEC-4BFA1321FE59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.74:*:*:*:*:*:*:*",
"matchCriteriaId": "451A414E-1A02-45D1-8DFC-61B3E17BF12A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.59:*:*:*:*:*:*:*",
"matchCriteriaId": "B05B8522-E203-49A0-8C5B-3DA7B06AF5AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.60:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD064CE-3C39-4243-B59E-CC8E48ED50DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.61:*:*:*:*:*:*:*",
"matchCriteriaId": "9886B467-793C-4D07-9B1B-B80FA5266D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.62:*:*:*:*:*:*:*",
"matchCriteriaId": "676F5A96-B21B-49FF-86EA-F18F9C3931C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.63:*:*:*:*:*:*:*",
"matchCriteriaId": "18991132-C5B6-43AB-BDCB-196BB2957F27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.67:*:*:*:*:*:*:*",
"matchCriteriaId": "42CE2596-83A9-4A80-A8C6-825EDEAAB8B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.68:*:*:*:*:*:*:*",
"matchCriteriaId": "CBA16BAF-6263-44EA-B3EB-187264913D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:5.0:*:microsoft_isa_2004:*:*:*:*:*",
"matchCriteriaId": "8E7C32F4-1225-4A4E-BD98-DFE026383482",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5000_series:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76147168-37FB-444C-BD40-EFC31A0A499A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA896DF0-76AD-4CEE-9FE0-5E6758FC9A68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:mail_security_8820_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "823BD557-6352-4EC2-AE78-2C0CE6F660D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el componente Decomposer en m\u00faltiples producto Symantec que permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de archivos .CAB manipulados."
}
],
"id": "CVE-2007-0447",
"lastModified": "2024-11-21T00:25:53.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-05T21:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36118"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26053"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24282"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-040.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-040.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-03-18 15:30
Modified
2024-11-21 00:51
Severity ?
Summary
Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B16D7CE-3770-46A6-BECA-76989E9639BE",
"versionEndIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB3799E-43FC-40AA-85EC-72D87962C95D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B92810D7-A5C2-4118-8B67-9E1A49C6C4D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:10:*:*:*:*:*:*:*",
"matchCriteriaId": "893D0CC9-971E-4C78-AD80-D004D8BB5F37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "15B8E1D9-ADF9-40B2-A652-53CDEF60FAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "177E8A5C-0812-47BC-9CFC-F8E25A0F42AB",
"versionEndIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E3B7CC-48D2-4EB0-A0D9-44AA6947CF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B90F221E-6C5A-4844-A098-53BE40E78A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4F4A68C-EF5D-41BB-A518-D277927D80D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6E0041-6647-4B04-B4C1-019E1F12E606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD370EEA-A33C-45B2-8FC6-C419AD6468E4",
"versionEndIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE65E34-052C-4614-BA69-71D96EBC65E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8D56C0E-3403-4B91-A064-69E46770FBBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB6C6D0-0848-45D0-ACA7-03B46F42AE76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3E50CAF0-1F3A-4F57-A8DA-91B7840BBE3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp2:*:*:*:*:*",
"matchCriteriaId": "F8B5BF9A-F8A7-4C2B-B093-8226D0ED1425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp3:*:*:*:*:*",
"matchCriteriaId": "04CB50C2-2B01-4A68-BE96-1127B9954F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4598C4A8-B19D-4562-A5B5-D3B090F0C8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:fp2:*:*:*:*:*",
"matchCriteriaId": "66D334E1-9326-4D0A-8D87-572F3E6B44BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:fp1:*:*:*:*:*",
"matchCriteriaId": "5614CD60-7690-47E6-AEB3-FB0151EB264C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D6701EB-AF87-4B63-A8B5-AA27C28DFFB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail:5.0:*:appliance:*:*:*:*:*",
"matchCriteriaId": "E1BE16AC-118D-4BA0-AE37-3DB2E4E417DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F945149-43CC-4EAC-9A78-C6A3BA6FAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D42BEF4-9BB4-4CCF-9395-C306C3CEBB0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "DC2C0DBF-382C-4F96-8497-2FABD7CB67C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "42A91935-15AC-4F64-AD3D-EFAD08955562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37076C05-12CE-484C-AB10-711BABFF6992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A5F3BAC-B470-4FB7-88AF-47A33D46EF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enforce:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD0A99F-6B8A-4BB9-B8A7-40BB5D7B7CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enforce:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8960720-5DF0-4F4C-9603-09A85FAF843D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enforce:8.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "3E9D9CE3-109C-4035-9934-2B457268985D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enforce:8.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "E258E769-38CC-4E62-8158-3D549263ED1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:appliance:*:*:*:*:*",
"matchCriteriaId": "0648861C-A58E-4103-8720-4480C2F098FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C890707A-D2DF-403A-87CB-2AB01E85D8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0.24:*:appliance:*:*:*:*:*",
"matchCriteriaId": "977786AB-A76C-4A1C-8999-BF4A5E08F8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*",
"matchCriteriaId": "D602A441-863D-4E90-A01D-57C41725D008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.200:*:smtp:*:*:*:*:*",
"matchCriteriaId": "0117D61C-DEE6-4803-9CF8-27EEBAA493CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.10:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "5BF163AF-E470-492A-940C-B2FB37AA2322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "95D5B1CF-6C20-4D66-9D30-631441FA953B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.6:microsoft_exchange:*:*:*:*:*:*",
"matchCriteriaId": "5BBAE476-DB98-4464-81DF-8EC386E808B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.7:microsoft_exchange:*:*:*:*:*:*",
"matchCriteriaId": "225BA7A2-8C45-42F1-921B-105CF8F0F22A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5..4.29:*:domino:*:*:*:*:*",
"matchCriteriaId": "B1E6B709-B44B-47AC-A7FF-0C248D777D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*",
"matchCriteriaId": "07FADB30-A418-43C5-A798-4769C5350E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*",
"matchCriteriaId": "70F1A708-9914-4875-B594-D8A9D65182D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en wp6sr.dll en el Autonomy KeyView SDK 10.4 y anteriores, como es usado en IBM Lotus Notes, productos Symantec Mail Security (SMS), productos Symantec BrightMail Appliance y productos Symantec Data Loss Prevention (DLP) permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero Word Perfect Document (WPD) manipulado."
}
],
"id": "CVE-2008-4564",
"lastModified": "2024-11-21T00:51:59.427",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-03-18T15:30:00.267",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/52713"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34303"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34307"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34318"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34355"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1021856"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1021857"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/276563"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34086"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021859"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0744"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0756"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0757"
},
{
"source": "cve@mitre.org",
"url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/52713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34307"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1021856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1021857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/276563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34086"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021859"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0757"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2019-12759
Vulnerability from cvelistv5
Published
2019-11-15 17:41
Modified
2024-08-04 23:32
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/us/en/article.SYMSA1488.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection Manager (SEPM), Symantec Mail Security for MS Exchange (SMSMSE) |
Version: prior to versions 14.2 RU2, prior to 7.5.x |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:32:55.154Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection Manager (SEPM), Symantec Mail Security for MS Exchange (SMSMSE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "prior to versions 14.2 RU2, prior to 7.5.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-15T17:41:24",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2019-12759",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection Manager (SEPM), Symantec Mail Security for MS Exchange (SMSMSE)",
"version": {
"version_data": [
{
"version_value": "prior to versions 14.2 RU2, prior to 7.5.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1488.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2019-12759",
"datePublished": "2019-11-15T17:41:24",
"dateReserved": "2019-06-06T00:00:00",
"dateUpdated": "2024-08-04T23:32:55.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1252
Vulnerability from cvelistv5
Published
2007-03-03 20:00
Modified
2024-08-07 12:50
Severity ?
EPSS score ?
Summary
Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. NOTE: some information was obtained from third party sources.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/32781 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/22782 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2007/0799 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1017716 | vdb-entry, x_refsource_SECTRACK | |
| ftp://ftp.symantec.com/public/english_us_canada/products/symantec_mail_security/5.0_smtp/updates/release_notes_p175.txt | x_refsource_MISC | |
| http://osvdb.org/33840 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/24371 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.kb.cert.org/vuls/id/875633 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "symantec-email-headers-code-execution(32781)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32781"
},
{
"name": "22782",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22782"
},
{
"name": "ADV-2007-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0799"
},
{
"name": "1017716",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017716"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "ftp://ftp.symantec.com/public/english_us_canada/products/symantec_mail_security/5.0_smtp/updates/release_notes_p175.txt"
},
{
"name": "33840",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33840"
},
{
"name": "24371",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24371"
},
{
"name": "VU#875633",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/875633"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. NOTE: some information was obtained from third party sources."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "symantec-email-headers-code-execution(32781)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32781"
},
{
"name": "22782",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22782"
},
{
"name": "ADV-2007-0799",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0799"
},
{
"name": "1017716",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017716"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "ftp://ftp.symantec.com/public/english_us_canada/products/symantec_mail_security/5.0_smtp/updates/release_notes_p175.txt"
},
{
"name": "33840",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33840"
},
{
"name": "24371",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24371"
},
{
"name": "VU#875633",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/875633"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. NOTE: some information was obtained from third party sources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "symantec-email-headers-code-execution(32781)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32781"
},
{
"name": "22782",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22782"
},
{
"name": "ADV-2007-0799",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0799"
},
{
"name": "1017716",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017716"
},
{
"name": "ftp://ftp.symantec.com/public/english_us_canada/products/symantec_mail_security/5.0_smtp/updates/release_notes_p175.txt",
"refsource": "MISC",
"url": "ftp://ftp.symantec.com/public/english_us_canada/products/symantec_mail_security/5.0_smtp/updates/release_notes_p175.txt"
},
{
"name": "33840",
"refsource": "OSVDB",
"url": "http://osvdb.org/33840"
},
{
"name": "24371",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24371"
},
{
"name": "VU#875633",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/875633"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1252",
"datePublished": "2007-03-03T20:00:00",
"dateReserved": "2007-03-03T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-3037
Vulnerability from cvelistv5
Published
2009-09-01 16:00
Modified
2024-08-07 06:14
Severity ?
EPSS score ?
Summary
Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2009/2389 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/36042 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/36472 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/36474 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090825_00 | x_refsource_CONFIRM | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21396492 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/36124 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:14:55.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-2389",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"name": "36042",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36042"
},
{
"name": "36472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36472"
},
{
"name": "36474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36474"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"name": "36124",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-07T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-2389",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"name": "36042",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36042"
},
{
"name": "36472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36472"
},
{
"name": "36474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36474"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"name": "36124",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36124"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-2389",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"name": "36042",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36042"
},
{
"name": "36472",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36472"
},
{
"name": "36474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36474"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"name": "36124",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36124"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3037",
"datePublished": "2009-09-01T16:00:00",
"dateReserved": "2009-09-01T00:00:00",
"dateUpdated": "2024-08-07T06:14:55.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5909
Vulnerability from cvelistv5
Published
2007-11-10 02:00
Modified
2024-08-07 15:47
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:47:00.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3357",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3357"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
},
{
"name": "1018853",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018853"
},
{
"name": "20071023 [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482664"
},
{
"name": "ADV-2007-3697",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3697"
},
{
"name": "26175",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26175"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://vuln.sg/lotusnotes702sam-en.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://vuln.sg/lotusnotes702mif-en.html"
},
{
"name": "20071031 ZDI-07-059: Verity KeyView SDK Multiple File Format Parsing Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483102/100/0/threaded"
},
{
"name": "27304",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27304"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21272836"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://vuln.sg/lotusnotes702-en.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
},
{
"name": "1018886",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018886"
},
{
"name": "ADV-2007-3596",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3596"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://vuln.sg/lotusnotes702doc-en.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3357",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3357"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
},
{
"name": "1018853",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018853"
},
{
"name": "20071023 [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482664"
},
{
"name": "ADV-2007-3697",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3697"
},
{
"name": "26175",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26175"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://vuln.sg/lotusnotes702sam-en.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://vuln.sg/lotusnotes702mif-en.html"
},
{
"name": "20071031 ZDI-07-059: Verity KeyView SDK Multiple File Format Parsing Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483102/100/0/threaded"
},
{
"name": "27304",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27304"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21272836"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://vuln.sg/lotusnotes702-en.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
},
{
"name": "1018886",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018886"
},
{
"name": "ADV-2007-3596",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3596"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://vuln.sg/lotusnotes702doc-en.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5909",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3357",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3357"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
},
{
"name": "1018853",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018853"
},
{
"name": "20071023 [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482664"
},
{
"name": "ADV-2007-3697",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3697"
},
{
"name": "26175",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26175"
},
{
"name": "http://vuln.sg/lotusnotes702sam-en.html",
"refsource": "MISC",
"url": "http://vuln.sg/lotusnotes702sam-en.html"
},
{
"name": "http://vuln.sg/lotusnotes702mif-en.html",
"refsource": "MISC",
"url": "http://vuln.sg/lotusnotes702mif-en.html"
},
{
"name": "20071031 ZDI-07-059: Verity KeyView SDK Multiple File Format Parsing Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483102/100/0/threaded"
},
{
"name": "27304",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27304"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21272836",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21272836"
},
{
"name": "http://vuln.sg/lotusnotes702-en.html",
"refsource": "MISC",
"url": "http://vuln.sg/lotusnotes702-en.html"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
},
{
"name": "1018886",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018886"
},
{
"name": "ADV-2007-3596",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3596"
},
{
"name": "http://vuln.sg/lotusnotes702doc-en.html",
"refsource": "MISC",
"url": "http://vuln.sg/lotusnotes702doc-en.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5909",
"datePublished": "2007-11-10T02:00:00",
"dateReserved": "2007-11-09T00:00:00",
"dateUpdated": "2024-08-07T15:47:00.550Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-5545
Vulnerability from cvelistv5
Published
2006-10-26 17:00
Modified
2024-08-07 19:55
Severity ?
EPSS score ?
Summary
Premium Antispam in Symantec Mail Security for Domino Server 5.1.x before 5.1.2.28 does not filter certain SMTP address formats, which allows remote attackers to use the product as a spam relay.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/19866 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1017094 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29676 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/22490 | third-party-advisory, x_refsource_SECUNIA | |
| http://securityresponse.symantec.com/avcenter/security/Content/2006.10.19.html | x_refsource_CONFIRM | |
| http://www.osvdb.org/29895 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2006/4118 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:53.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19866"
},
{
"name": "1017094",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017094"
},
{
"name": "symantec-domino-security-bypass(29676)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29676"
},
{
"name": "22490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22490"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.10.19.html"
},
{
"name": "29895",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/29895"
},
{
"name": "ADV-2006-4118",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4118"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Premium Antispam in Symantec Mail Security for Domino Server 5.1.x before 5.1.2.28 does not filter certain SMTP address formats, which allows remote attackers to use the product as a spam relay."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19866"
},
{
"name": "1017094",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017094"
},
{
"name": "symantec-domino-security-bypass(29676)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29676"
},
{
"name": "22490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22490"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.10.19.html"
},
{
"name": "29895",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/29895"
},
{
"name": "ADV-2006-4118",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4118"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5545",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Premium Antispam in Symantec Mail Security for Domino Server 5.1.x before 5.1.2.28 does not filter certain SMTP address formats, which allows remote attackers to use the product as a spam relay."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19866"
},
{
"name": "1017094",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017094"
},
{
"name": "symantec-domino-security-bypass(29676)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29676"
},
{
"name": "22490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22490"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.10.19.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.10.19.html"
},
{
"name": "29895",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29895"
},
{
"name": "ADV-2006-4118",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4118"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5545",
"datePublished": "2006-10-26T17:00:00",
"dateReserved": "2006-10-26T00:00:00",
"dateUpdated": "2024-08-07T19:55:53.343Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0131
Vulnerability from cvelistv5
Published
2010-08-17 17:31
Modified
2024-08-07 00:37
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the SpreadSheet Lotus 123 reader (wkssr.dll), as used in Autonomy KeyView 10.4 and 10.9, Symantec Mail Security, and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to floating point conversion in unknown record types.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100727_01 | x_refsource_CONFIRM | |
| http://secunia.com/secunia_research/2010-25/ | x_refsource_MISC | |
| http://www.securityfocus.com/bid/41928 | vdb-entry, x_refsource_BID | |
| http://secunia.com/secunia_research/2010-23/ | x_refsource_MISC | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21440812 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:53.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100727_01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2010-25/"
},
{
"name": "41928",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/41928"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2010-23/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-07-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the SpreadSheet Lotus 123 reader (wkssr.dll), as used in Autonomy KeyView 10.4 and 10.9, Symantec Mail Security, and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to floating point conversion in unknown record types."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-07T10:00:00",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100727_01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2010-25/"
},
{
"name": "41928",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/41928"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2010-23/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2010-0131",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the SpreadSheet Lotus 123 reader (wkssr.dll), as used in Autonomy KeyView 10.4 and 10.9, Symantec Mail Security, and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to floating point conversion in unknown record types."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100727_01",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100727_01"
},
{
"name": "http://secunia.com/secunia_research/2010-25/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2010-25/"
},
{
"name": "41928",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41928"
},
{
"name": "http://secunia.com/secunia_research/2010-23/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2010-23/"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2010-0131",
"datePublished": "2010-08-17T17:31:00",
"dateReserved": "2010-01-04T00:00:00",
"dateUpdated": "2024-08-07T00:37:53.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0548
Vulnerability from cvelistv5
Published
2011-07-18 22:00
Modified
2024-08-06 21:58
Severity ?
EPSS score ?
Summary
Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Symantec Mail Security (SMS) 6.x through 8.x, Symantec Brightmail and Messaging Gateway before 9.5.1, and Symantec Data Loss Prevention (DLP) before 10.5.3 and 11.x before 11.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .prz file. NOTE: this may overlap CVE-2011-1217.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/44779 | third-party-advisory, x_refsource_SECUNIA | |
| http://securitytracker.com/id?1025595 | vdb-entry, x_refsource_SECTRACK | |
| http://securitytracker.com/id?1025594 | vdb-entry, x_refsource_SECTRACK | |
| http://securitytracker.com/id?1025596 | vdb-entry, x_refsource_SECTRACK | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110531_00 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:58:25.968Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44779",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44779"
},
{
"name": "1025595",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025595"
},
{
"name": "1025594",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025594"
},
{
"name": "1025596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025596"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110531_00"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Symantec Mail Security (SMS) 6.x through 8.x, Symantec Brightmail and Messaging Gateway before 9.5.1, and Symantec Data Loss Prevention (DLP) before 10.5.3 and 11.x before 11.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .prz file. NOTE: this may overlap CVE-2011-1217."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-07T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "44779",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44779"
},
{
"name": "1025595",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025595"
},
{
"name": "1025594",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025594"
},
{
"name": "1025596",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025596"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110531_00"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0548",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Symantec Mail Security (SMS) 6.x through 8.x, Symantec Brightmail and Messaging Gateway before 9.5.1, and Symantec Data Loss Prevention (DLP) before 10.5.3 and 11.x before 11.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .prz file. NOTE: this may overlap CVE-2011-1217."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44779",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44779"
},
{
"name": "1025595",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025595"
},
{
"name": "1025594",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025594"
},
{
"name": "1025596",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025596"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110531_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110531_00"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-0548",
"datePublished": "2011-07-18T22:00:00",
"dateReserved": "2011-01-20T00:00:00",
"dateUpdated": "2024-08-06T21:58:25.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-6277
Vulnerability from cvelistv5
Published
2020-02-21 16:50
Modified
2024-08-06 21:28
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of underlying issues" in which "some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code."
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/us/en/article.symsa1262.html | x_refsource_MISC | |
| https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-addressed-in-ibm-notes-9-0-cve-2011-3026-cve-2012-6349-cve-2012-6277/ | x_refsource_MISC | |
| https://www.kb.cert.org/vuls/id/849841/ | x_refsource_MISC | |
| https://vulmon.com/vulnerabilitydetails?qid=CVE-2012-6277 | x_refsource_MISC | |
| https://www.tenable.com/plugins/nessus/67192 | x_refsource_MISC | |
| https://tools.cisco.com/security/center/viewAlert.x?alertId=27482 | x_refsource_MISC | |
| https://www.securityfocus.com/bid/56610 | x_refsource_MISC | |
| https://www.energy.gov/cio/articles/v-118-ibm-lotus-domino-multiple-vulnerabilities | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autonomy KeyView IDOL |
Version: before 10.16 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:28:39.605Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.symsa1262.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-addressed-in-ibm-notes-9-0-cve-2011-3026-cve-2012-6349-cve-2012-6277/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/849841/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vulmon.com/vulnerabilitydetails?qid=CVE-2012-6277"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/plugins/nessus/67192"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/viewAlert.x?alertId=27482"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/56610"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.energy.gov/cio/articles/v-118-ibm-lotus-domino-multiple-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autonomy KeyView IDOL",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before 10.16"
}
]
}
],
"datePublic": "2012-11-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to \"a number of underlying issues\" in which \"some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-21T16:50:17",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.symsa1262.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-addressed-in-ibm-notes-9-0-cve-2011-3026-cve-2012-6349-cve-2012-6277/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/849841/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vulmon.com/vulnerabilitydetails?qid=CVE-2012-6277"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/plugins/nessus/67192"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tools.cisco.com/security/center/viewAlert.x?alertId=27482"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/56610"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.energy.gov/cio/articles/v-118-ibm-lotus-domino-multiple-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-6277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autonomy KeyView IDOL",
"version": {
"version_data": [
{
"version_value": "before 10.16"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to \"a number of underlying issues\" in which \"some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.symsa1262.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.symsa1262.html"
},
{
"name": "https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-addressed-in-ibm-notes-9-0-cve-2011-3026-cve-2012-6349-cve-2012-6277/",
"refsource": "MISC",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-addressed-in-ibm-notes-9-0-cve-2011-3026-cve-2012-6349-cve-2012-6277/"
},
{
"name": "https://www.kb.cert.org/vuls/id/849841/",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/849841/"
},
{
"name": "https://vulmon.com/vulnerabilitydetails?qid=CVE-2012-6277",
"refsource": "MISC",
"url": "https://vulmon.com/vulnerabilitydetails?qid=CVE-2012-6277"
},
{
"name": "https://www.tenable.com/plugins/nessus/67192",
"refsource": "MISC",
"url": "https://www.tenable.com/plugins/nessus/67192"
},
{
"name": "https://tools.cisco.com/security/center/viewAlert.x?alertId=27482",
"refsource": "MISC",
"url": "https://tools.cisco.com/security/center/viewAlert.x?alertId=27482"
},
{
"name": "https://www.securityfocus.com/bid/56610",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/56610"
},
{
"name": "https://www.energy.gov/cio/articles/v-118-ibm-lotus-domino-multiple-vulnerabilities",
"refsource": "MISC",
"url": "https://www.energy.gov/cio/articles/v-118-ibm-lotus-domino-multiple-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2012-6277",
"datePublished": "2020-02-21T16:50:17",
"dateReserved": "2012-12-06T00:00:00",
"dateUpdated": "2024-08-06T21:28:39.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5910
Vulnerability from cvelistv5
Published
2007-11-10 02:00
Modified
2024-08-07 15:47
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://vuln.sg/lotusnotes702wpd-en.html | x_refsource_MISC | |
| http://securityreason.com/securityalert/3357 | third-party-advisory, x_refsource_SREASON | |
| http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111 | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1018853 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/archive/1/482664 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2007/3697 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/26175 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/27304 | third-party-advisory, x_refsource_SECUNIA | |
| http://vuln.sg/lotusnotes702-en.html | x_refsource_MISC | |
| http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1018886 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2007/3596 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:47:00.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://vuln.sg/lotusnotes702wpd-en.html"
},
{
"name": "3357",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3357"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
},
{
"name": "1018853",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018853"
},
{
"name": "20071023 [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482664"
},
{
"name": "ADV-2007-3697",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3697"
},
{
"name": "26175",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26175"
},
{
"name": "27304",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27304"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://vuln.sg/lotusnotes702-en.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
},
{
"name": "1018886",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018886"
},
{
"name": "ADV-2007-3596",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3596"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-28T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://vuln.sg/lotusnotes702wpd-en.html"
},
{
"name": "3357",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3357"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
},
{
"name": "1018853",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018853"
},
{
"name": "20071023 [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482664"
},
{
"name": "ADV-2007-3697",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3697"
},
{
"name": "26175",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26175"
},
{
"name": "27304",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27304"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://vuln.sg/lotusnotes702-en.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
},
{
"name": "1018886",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018886"
},
{
"name": "ADV-2007-3596",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3596"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5910",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://vuln.sg/lotusnotes702wpd-en.html",
"refsource": "MISC",
"url": "http://vuln.sg/lotusnotes702wpd-en.html"
},
{
"name": "3357",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3357"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
},
{
"name": "1018853",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018853"
},
{
"name": "20071023 [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482664"
},
{
"name": "ADV-2007-3697",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3697"
},
{
"name": "26175",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26175"
},
{
"name": "27304",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27304"
},
{
"name": "http://vuln.sg/lotusnotes702-en.html",
"refsource": "MISC",
"url": "http://vuln.sg/lotusnotes702-en.html"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
},
{
"name": "1018886",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018886"
},
{
"name": "ADV-2007-3596",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3596"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5910",
"datePublished": "2007-11-10T02:00:00",
"dateReserved": "2007-11-09T00:00:00",
"dateUpdated": "2024-08-07T15:47:00.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-1346
Vulnerability from cvelistv5
Published
2005-04-28 04:00
Modified
2024-08-07 21:44
Severity ?
EPSS score ?
Summary
Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securityresponse.symantec.com/avcenter/security/Content/2005.04.27.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:44:06.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.04.27.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-15T16:41:36",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.04.27.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1346",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.04.27.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.04.27.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1346",
"datePublished": "2005-04-28T04:00:00",
"dateReserved": "2005-04-28T00:00:00",
"dateUpdated": "2024-08-07T21:44:06.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-3032
Vulnerability from cvelistv5
Published
2010-03-05 19:00
Modified
2024-08-07 06:14
Severity ?
EPSS score ?
Summary
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00 | x_refsource_CONFIRM | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858 | third-party-advisory, x_refsource_IDEFENSE | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21440812 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/38468 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:14:56.444Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
},
{
"name": "20100304 Autonomy KeyView OLE Document Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"name": "38468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38468"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-20T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
},
{
"name": "20100304 Autonomy KeyView OLE Document Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"name": "38468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38468"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3032",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
},
{
"name": "20100304 Autonomy KeyView OLE Document Integer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"name": "38468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38468"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3032",
"datePublished": "2010-03-05T19:00:00",
"dateReserved": "2009-08-31T00:00:00",
"dateUpdated": "2024-08-07T06:14:56.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0249
Vulnerability from cvelistv5
Published
2005-02-08 05:00
Modified
2024-08-07 21:05
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/107822 | third-party-advisory, x_refsource_CERT-VN | |
| http://xforce.iss.net/xforce/alerts/id/187 | third-party-advisory, x_refsource_ISS | |
| http://securitytracker.com/id?1013133 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18869 | vdb-entry, x_refsource_XF | |
| http://www.symantec.com/avcenter/security/Content/2005.02.08.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#107822",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/107822"
},
{
"name": "20050208 Symantec AntiVirus Library Heap Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/187"
},
{
"name": "1013133",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013133"
},
{
"name": "upx-engine-gain-control(18869)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18869"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2005.02.08.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#107822",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/107822"
},
{
"name": "20050208 Symantec AntiVirus Library Heap Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/187"
},
{
"name": "1013133",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013133"
},
{
"name": "upx-engine-gain-control(18869)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18869"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2005.02.08.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0249",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#107822",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/107822"
},
{
"name": "20050208 Symantec AntiVirus Library Heap Overflow",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/187"
},
{
"name": "1013133",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013133"
},
{
"name": "upx-engine-gain-control(18869)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18869"
},
{
"name": "http://www.symantec.com/avcenter/security/Content/2005.02.08.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2005.02.08.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0249",
"datePublished": "2005-02-08T05:00:00",
"dateReserved": "2005-02-08T00:00:00",
"dateUpdated": "2024-08-07T21:05:25.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-4564
Vulnerability from cvelistv5
Published
2009-03-18 15:00
Modified
2024-08-07 10:24
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:24:18.984Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
},
{
"name": "ADV-2009-0744",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0744"
},
{
"name": "34303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34303"
},
{
"name": "1021859",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021859"
},
{
"name": "34307",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34307"
},
{
"name": "autonomy-keyview-wp6sr-bo(49284)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
},
{
"name": "34318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34318"
},
{
"name": "1021856",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021856"
},
{
"name": "1021857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021857"
},
{
"name": "VU#276563",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/276563"
},
{
"name": "ADV-2009-0756",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0756"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
},
{
"name": "34355",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34355"
},
{
"name": "52713",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52713"
},
{
"name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
},
{
"name": "34086",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34086"
},
{
"name": "ADV-2009-0757",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0757"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
},
{
"name": "ADV-2009-0744",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0744"
},
{
"name": "34303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34303"
},
{
"name": "1021859",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021859"
},
{
"name": "34307",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34307"
},
{
"name": "autonomy-keyview-wp6sr-bo(49284)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
},
{
"name": "34318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34318"
},
{
"name": "1021856",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021856"
},
{
"name": "1021857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021857"
},
{
"name": "VU#276563",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/276563"
},
{
"name": "ADV-2009-0756",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0756"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
},
{
"name": "34355",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34355"
},
{
"name": "52713",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52713"
},
{
"name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
},
{
"name": "34086",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34086"
},
{
"name": "ADV-2009-0757",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0757"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4564",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
},
{
"name": "ADV-2009-0744",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0744"
},
{
"name": "34303",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34303"
},
{
"name": "1021859",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021859"
},
{
"name": "34307",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34307"
},
{
"name": "autonomy-keyview-wp6sr-bo(49284)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
},
{
"name": "34318",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34318"
},
{
"name": "1021856",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021856"
},
{
"name": "1021857",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021857"
},
{
"name": "VU#276563",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/276563"
},
{
"name": "ADV-2009-0756",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0756"
},
{
"name": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html",
"refsource": "CONFIRM",
"url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
},
{
"name": "34355",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34355"
},
{
"name": "52713",
"refsource": "OSVDB",
"url": "http://osvdb.org/52713"
},
{
"name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
},
{
"name": "34086",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34086"
},
{
"name": "ADV-2009-0757",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0757"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4564",
"datePublished": "2009-03-18T15:00:00",
"dateReserved": "2008-10-14T00:00:00",
"dateUpdated": "2024-08-07T10:24:18.984Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-3699
Vulnerability from cvelistv5
Published
2007-10-05 21:00
Modified
2024-08-07 14:28
Severity ?
EPSS score ?
Summary
The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/26053 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2007/2508 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/36119 | vdb-entry, x_refsource_OSVDB | |
| http://www.zerodayinitiative.com/advisories/ZDI-07-039.html | x_refsource_MISC | |
| http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/24282 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:28:52.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26053"
},
{
"name": "ADV-2007-2508",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"name": "36119",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36119"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-039.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"name": "24282",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24282"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26053"
},
{
"name": "ADV-2007-2508",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"name": "36119",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36119"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-039.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"name": "24282",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24282"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3699",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26053"
},
{
"name": "ADV-2007-2508",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"name": "36119",
"refsource": "OSVDB",
"url": "http://osvdb.org/36119"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-039.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-039.html"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"name": "24282",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24282"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3699",
"datePublished": "2007-10-05T21:00:00",
"dateReserved": "2007-07-11T00:00:00",
"dateUpdated": "2024-08-07T14:28:52.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5406
Vulnerability from cvelistv5
Published
2008-04-10 18:00
Modified
2024-08-07 15:31
Severity ?
EPSS score ?
Summary
kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:31:58.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28140",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28140"
},
{
"name": "29342",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29342"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-97/advisory/"
},
{
"name": "27763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27763"
},
{
"name": "28209",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28209"
},
{
"name": "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
},
{
"name": "autonomy-keyview-applix-dos(41722)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41722"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-96/advisory/"
},
{
"name": "ADV-2008-1156",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1156"
},
{
"name": "28454",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28454"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-95/advisory/"
},
{
"name": "28210",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28210"
},
{
"name": "1019844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019844"
},
{
"name": "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
},
{
"name": "ADV-2008-1154",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1154"
},
{
"name": "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-98/advisory/"
},
{
"name": "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
},
{
"name": "1019805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019805"
},
{
"name": "ADV-2008-1153",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1153"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "28140",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28140"
},
{
"name": "29342",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29342"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-97/advisory/"
},
{
"name": "27763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27763"
},
{
"name": "28209",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28209"
},
{
"name": "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
},
{
"name": "autonomy-keyview-applix-dos(41722)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41722"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-96/advisory/"
},
{
"name": "ADV-2008-1156",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1156"
},
{
"name": "28454",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28454"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-95/advisory/"
},
{
"name": "28210",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28210"
},
{
"name": "1019844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019844"
},
{
"name": "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
},
{
"name": "ADV-2008-1154",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1154"
},
{
"name": "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-98/advisory/"
},
{
"name": "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
},
{
"name": "1019805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019805"
},
{
"name": "ADV-2008-1153",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1153"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-5406",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28140",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28140"
},
{
"name": "29342",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29342"
},
{
"name": "http://secunia.com/secunia_research/2007-97/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-97/advisory/"
},
{
"name": "27763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27763"
},
{
"name": "28209",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28209"
},
{
"name": "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
},
{
"name": "autonomy-keyview-applix-dos(41722)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41722"
},
{
"name": "http://secunia.com/secunia_research/2007-96/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-96/advisory/"
},
{
"name": "ADV-2008-1156",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1156"
},
{
"name": "28454",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28454"
},
{
"name": "http://secunia.com/secunia_research/2007-95/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-95/advisory/"
},
{
"name": "28210",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28210"
},
{
"name": "1019844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019844"
},
{
"name": "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
},
{
"name": "ADV-2008-1154",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1154"
},
{
"name": "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
},
{
"name": "http://secunia.com/secunia_research/2007-98/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-98/advisory/"
},
{
"name": "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
},
{
"name": "1019805",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019805"
},
{
"name": "ADV-2008-1153",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1153"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2007-5406",
"datePublished": "2008-04-10T18:00:00",
"dateReserved": "2007-10-12T00:00:00",
"dateUpdated": "2024-08-07T15:31:58.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1792
Vulnerability from cvelistv5
Published
2007-06-27 17:00
Modified
2024-08-07 13:06
Severity ?
EPSS score ?
Summary
libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service (crash) via a crafted executable attachment in an e-mail, involving the detection of "PE-Shield v0.2" and "ASPack v1.00-1.08.02".
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/24632 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35105 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2007/2335 | vdb-entry, x_refsource_VUPEN | |
| http://securityresponse.symantec.com/avcenter/security/Content/2007.06.26.html | x_refsource_CONFIRM | |
| http://secunia.com/secunia_research/2007-48/advisory/ | x_refsource_MISC | |
| http://www.securitytracker.com/id?1018301 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/archive/1/472440/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/36110 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/24625 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:26.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24632",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24632"
},
{
"name": "symantec-mailsecurity-attachment-dos(35105)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35105"
},
{
"name": "ADV-2007-2335",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2335"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.06.26.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-48/advisory/"
},
{
"name": "1018301",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018301"
},
{
"name": "20070628 Secunia Research: Symantec Mail Security for SMTP Boundary Errors",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/472440/100/0/threaded"
},
{
"name": "36110",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36110"
},
{
"name": "24625",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24625"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service (crash) via a crafted executable attachment in an e-mail, involving the detection of \"PE-Shield v0.2\" and \"ASPack v1.00-1.08.02\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "24632",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24632"
},
{
"name": "symantec-mailsecurity-attachment-dos(35105)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35105"
},
{
"name": "ADV-2007-2335",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2335"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.06.26.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-48/advisory/"
},
{
"name": "1018301",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018301"
},
{
"name": "20070628 Secunia Research: Symantec Mail Security for SMTP Boundary Errors",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/472440/100/0/threaded"
},
{
"name": "36110",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36110"
},
{
"name": "24625",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24625"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-1792",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service (crash) via a crafted executable attachment in an e-mail, involving the detection of \"PE-Shield v0.2\" and \"ASPack v1.00-1.08.02\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24632",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24632"
},
{
"name": "symantec-mailsecurity-attachment-dos(35105)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35105"
},
{
"name": "ADV-2007-2335",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2335"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.06.26.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.06.26.html"
},
{
"name": "http://secunia.com/secunia_research/2007-48/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-48/advisory/"
},
{
"name": "1018301",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018301"
},
{
"name": "20070628 Secunia Research: Symantec Mail Security for SMTP Boundary Errors",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/472440/100/0/threaded"
},
{
"name": "36110",
"refsource": "OSVDB",
"url": "http://osvdb.org/36110"
},
{
"name": "24625",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24625"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2007-1792",
"datePublished": "2007-06-27T17:00:00",
"dateReserved": "2007-04-02T00:00:00",
"dateUpdated": "2024-08-07T13:06:26.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5405
Vulnerability from cvelistv5
Published
2008-04-10 18:00
Modified
2024-08-07 15:31
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:31:58.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28140",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28140"
},
{
"name": "29342",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29342"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-97/advisory/"
},
{
"name": "27763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27763"
},
{
"name": "autonomy-keyview-applix-multiple-bo(41721)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
},
{
"name": "28209",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28209"
},
{
"name": "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-96/advisory/"
},
{
"name": "ADV-2008-1156",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1156"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
},
{
"name": "28454",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28454"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-95/advisory/"
},
{
"name": "28210",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28210"
},
{
"name": "1019844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019844"
},
{
"name": "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
},
{
"name": "ADV-2008-1154",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1154"
},
{
"name": "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-98/advisory/"
},
{
"name": "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
},
{
"name": "1019805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019805"
},
{
"name": "ADV-2008-1153",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1153"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "28140",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28140"
},
{
"name": "29342",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29342"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-97/advisory/"
},
{
"name": "27763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27763"
},
{
"name": "autonomy-keyview-applix-multiple-bo(41721)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
},
{
"name": "28209",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28209"
},
{
"name": "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-96/advisory/"
},
{
"name": "ADV-2008-1156",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1156"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
},
{
"name": "28454",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28454"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-95/advisory/"
},
{
"name": "28210",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28210"
},
{
"name": "1019844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019844"
},
{
"name": "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
},
{
"name": "ADV-2008-1154",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1154"
},
{
"name": "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-98/advisory/"
},
{
"name": "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
},
{
"name": "1019805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019805"
},
{
"name": "ADV-2008-1153",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1153"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-5405",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28140",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28140"
},
{
"name": "29342",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29342"
},
{
"name": "http://secunia.com/secunia_research/2007-97/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-97/advisory/"
},
{
"name": "27763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27763"
},
{
"name": "autonomy-keyview-applix-multiple-bo(41721)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721"
},
{
"name": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
},
{
"name": "28209",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28209"
},
{
"name": "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
},
{
"name": "http://secunia.com/secunia_research/2007-96/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-96/advisory/"
},
{
"name": "ADV-2008-1156",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1156"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
},
{
"name": "28454",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28454"
},
{
"name": "http://secunia.com/secunia_research/2007-95/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-95/advisory/"
},
{
"name": "28210",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28210"
},
{
"name": "1019844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019844"
},
{
"name": "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
},
{
"name": "ADV-2008-1154",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1154"
},
{
"name": "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
},
{
"name": "http://secunia.com/secunia_research/2007-98/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-98/advisory/"
},
{
"name": "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
},
{
"name": "1019805",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019805"
},
{
"name": "ADV-2008-1153",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1153"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2007-5405",
"datePublished": "2008-04-10T18:00:00",
"dateReserved": "2007-10-12T00:00:00",
"dateUpdated": "2024-08-07T15:31:58.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0447
Vulnerability from cvelistv5
Published
2007-10-05 21:00
Modified
2024-08-07 12:19
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/26053 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2007/2508 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/36118 | vdb-entry, x_refsource_OSVDB | |
| http://www.zerodayinitiative.com/advisories/ZDI-07-040.html | x_refsource_MISC | |
| http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/24282 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:19:30.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26053"
},
{
"name": "ADV-2007-2508",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"name": "36118",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36118"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-040.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"name": "24282",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24282"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26053"
},
{
"name": "ADV-2007-2508",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"name": "36118",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36118"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-040.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"name": "24282",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24282"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0447",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26053"
},
{
"name": "ADV-2007-2508",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"name": "36118",
"refsource": "OSVDB",
"url": "http://osvdb.org/36118"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-040.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-040.html"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"name": "24282",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24282"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0447",
"datePublished": "2007-10-05T21:00:00",
"dateReserved": "2007-01-23T00:00:00",
"dateUpdated": "2024-08-07T12:19:30.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-6020
Vulnerability from cvelistv5
Published
2008-04-10 18:00
Modified
2024-08-07 15:54
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28140",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28140"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-106/advisory/"
},
{
"name": "29342",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29342"
},
{
"name": "27763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27763"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
},
{
"name": "28209",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28209"
},
{
"name": "ADV-2008-1156",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1156"
},
{
"name": "20080414 Secunia Research: activePDF DocConverter Folio Flat File ParsingBuffer Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490827/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
},
{
"name": "28454",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28454"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-105/advisory/"
},
{
"name": "20080414 Secunia Research: Autonomy Keyview Folio Flat File Parsing BufferOverflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490829/100/0/threaded"
},
{
"name": "28210",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28210"
},
{
"name": "20080414 Secunia Research: Symantec Mail Security Folio Flat File ParsingBuffer Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490830/100/0/threaded"
},
{
"name": "20080414 Secunia Research: Lotus Notes Folio Flat File Parsing BufferOverflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490831/100/0/threaded"
},
{
"name": "autonomy-keyview-foliosr-bo(41716)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41716"
},
{
"name": "ADV-2008-1154",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1154"
},
{
"name": "1019841",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019841"
},
{
"name": "1019805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019805"
},
{
"name": "ADV-2008-1153",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1153"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-104/advisory/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-107/advisory/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "28140",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28140"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-106/advisory/"
},
{
"name": "29342",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29342"
},
{
"name": "27763",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27763"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
},
{
"name": "28209",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28209"
},
{
"name": "ADV-2008-1156",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1156"
},
{
"name": "20080414 Secunia Research: activePDF DocConverter Folio Flat File ParsingBuffer Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490827/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
},
{
"name": "28454",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28454"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-105/advisory/"
},
{
"name": "20080414 Secunia Research: Autonomy Keyview Folio Flat File Parsing BufferOverflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490829/100/0/threaded"
},
{
"name": "28210",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28210"
},
{
"name": "20080414 Secunia Research: Symantec Mail Security Folio Flat File ParsingBuffer Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490830/100/0/threaded"
},
{
"name": "20080414 Secunia Research: Lotus Notes Folio Flat File Parsing BufferOverflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490831/100/0/threaded"
},
{
"name": "autonomy-keyview-foliosr-bo(41716)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41716"
},
{
"name": "ADV-2008-1154",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1154"
},
{
"name": "1019841",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019841"
},
{
"name": "1019805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019805"
},
{
"name": "ADV-2008-1153",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1153"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-104/advisory/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-107/advisory/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-6020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28140",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28140"
},
{
"name": "http://secunia.com/secunia_research/2007-106/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-106/advisory/"
},
{
"name": "29342",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29342"
},
{
"name": "27763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27763"
},
{
"name": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
},
{
"name": "28209",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28209"
},
{
"name": "ADV-2008-1156",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1156"
},
{
"name": "20080414 Secunia Research: activePDF DocConverter Folio Flat File ParsingBuffer Overflows",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490827/100/0/threaded"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
},
{
"name": "28454",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28454"
},
{
"name": "http://secunia.com/secunia_research/2007-105/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-105/advisory/"
},
{
"name": "20080414 Secunia Research: Autonomy Keyview Folio Flat File Parsing BufferOverflows",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490829/100/0/threaded"
},
{
"name": "28210",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28210"
},
{
"name": "20080414 Secunia Research: Symantec Mail Security Folio Flat File ParsingBuffer Overflows",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490830/100/0/threaded"
},
{
"name": "20080414 Secunia Research: Lotus Notes Folio Flat File Parsing BufferOverflows",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490831/100/0/threaded"
},
{
"name": "autonomy-keyview-foliosr-bo(41716)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41716"
},
{
"name": "ADV-2008-1154",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1154"
},
{
"name": "1019841",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019841"
},
{
"name": "1019805",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019805"
},
{
"name": "ADV-2008-1153",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1153"
},
{
"name": "http://secunia.com/secunia_research/2007-104/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-104/advisory/"
},
{
"name": "http://secunia.com/secunia_research/2007-107/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-107/advisory/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2007-6020",
"datePublished": "2008-04-10T18:00:00",
"dateReserved": "2007-11-19T00:00:00",
"dateUpdated": "2024-08-07T15:54:26.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}