Autonomy Keyview vulnerabilities

CVE-2007-5399 [CRITICAL] CWE-119 CVE-2007-5399: Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) Ke Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long (1) To, (2) Cc, (3) Bcc, (4) From, (5) Date, (6) Subject, (7) Priority, (8) Importance, or (9) X-MSMail-Priority header; (10) a long string at the

CVE-2007-6020 [CRITICAL] CWE-119 CVE-2007-6020: Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) O

CVE-2007-5405 [CRITICAL] CWE-119 CVE-2007-5405: Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Auton Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3)

CVE-2008-1101 [CRITICAL] CWE-119 CVE-2008-1101: Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document.