Buffer overflow in Activepdf Docconverter
CVE-2007-6020
Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers…
Vulnerability class: Buffer Overflow
EPSS: 0.057 (92.1th percentile) — read the EPSS interpretation.
Affected products
- Activepdf Docconverter — versions 3.8.4.0
- Autonomy Keyview — versions 2.0.0.2, 10.3.0.0
- Ibm Lotus_notes — versions 6.0, 6.5, 7.0
- Symantec Mail_security — versions 5.0, 5.0.0, 5.0.1
- Symantec Mail_security_appliance — versions 5.0
- N/a — versions n/a
Weakness classification (CWE)
Public proof-of-concept exploits
References
- PSIRT-CNA@flexerasoftware.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- PSIRT-CNA@flexerasoftware.com (x_refsource_MISC, Vendor Advisory)
- PSIRT-CNA@flexerasoftware.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- PSIRT-CNA@flexerasoftware.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- PSIRT-CNA@flexerasoftware.com (x_refsource_CONFIRM)
- PSIRT-CNA@flexerasoftware.com (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- PSIRT-CNA@flexerasoftware.com (vdb-entry, x_refsource_VUPEN)
- PSIRT-CNA@flexerasoftware.com (mailing-list, x_refsource_BUGTRAQ)
- PSIRT-CNA@flexerasoftware.com (x_refsource_CONFIRM, Vendor Advisory)
- PSIRT-CNA@flexerasoftware.com (vdb-entry, x_refsource_BID)
Frequently asked questions
- What is CVE-2007-6020?
- CVE-2007-6020 is a vulnerability in Activepdf Docconverter, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2008-04-10.
- Is CVE-2007-6020 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.