CVE-2007-5406 — Mail Security vulnerability

3 documents3 sources

Severity

9.3CRITICALNVD

EPSS

25.8%

top 3.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Mail Security IBM Lotus Notes

Timeline

PublishedApr 10

Latest updateMay 1

Description

kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

▶NVDsymantec/mail_security7.5+3

▶NVDibm/lotus_notes5 versions+4

🔴Vulnerability Details

GHSA

GHSA-hwpm-rvvp-6j8w: kpagrdr↗2022-05-01

▶

CVEList

CVE-2007-5406: kpagrdr↗2008-04-10

▶