CVE-2007-5399

CWE-119Buffer Overflow3 documents3 sources
Severity
9.3CRITICAL
EPSS
27.5%
top 3.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Autonomy KeyviewIBM Lotus Notes
Timeline
PublishedApr 10
Latest updateMay 1

Description

Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long (1) To, (2) Cc, (3) Bcc, (4) From, (5) Date, (6) Subject, (7) Priority, (8) Importance, or (9) X-MSMail-Priority header; (10) a long string at the beginning of an RFC2047 encoded-word in a header; (11) a long text string in an RFC2047 encoded-word in a header; or (12) a long Subject header, rela

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDibm/lotus_notes5 versions+4
NVDautonomy/keyview10.3.0.0

🔴Vulnerability Details

2
GHSA
GHSA-82x4-245q-4whp: Multiple heap-based buffer overflows in emlsr2022-05-01
CVEList
CVE-2007-5399: Multiple heap-based buffer overflows in emlsr2008-04-10
CVE-2007-5399 (CRITICAL CVSS 9.3) | Multiple heap-based buffer overflow | cvebase.io