CVE-2007-5406 | Vulnerability Database | Aqua Security

kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file.

Affected Software

Name	Vendor	Start Version	End Version
Lotus_notes	Ibm	6.0 (including)	6.0 (including)
Lotus_notes	Ibm	6.5 (including)	6.5 (including)
Lotus_notes	Ibm	7.0 (including)	7.0 (including)
Lotus_notes	Ibm	8.0 (including)	8.0 (including)
Lotus_notes	Ibm	8.0.1 (including)	8.0.1 (including)
Mail_security	Symantec	*	7.5 (including)
Mail_security	Symantec	5.0 (including)	5.0 (including)
Mail_security	Symantec	5.0.0 (including)	5.0.0 (including)
Mail_security	Symantec	5.0.1 (including)	5.0.1 (including)

References

http://secunia.com/advisories/27763
http://secunia.com/advisories/28140
http://secunia.com/advisories/28209
http://secunia.com/advisories/28210
http://secunia.com/advisories/29342
http://secunia.com/secunia_research/2007-95/advisory/
http://secunia.com/secunia_research/2007-96/advisory/
http://secunia.com/secunia_research/2007-97/advisory/
http://secunia.com/secunia_research/2007-98/advisory/
http://securitytracker.com/id?1019805
http://www.securityfocus.com/archive/1/490825/100/0/threaded
http://www.securityfocus.com/archive/1/490837/100/0/threaded
http://www.securityfocus.com/archive/1/490838/100/0/threaded
http://www.securityfocus.com/archive/1/490839/100/0/threaded
http://www.securityfocus.com/bid/28454
http://www.securitytracker.com/id?1019844
http://www.vupen.com/english/advisories/2008/1153
http://www.vupen.com/english/advisories/2008/1154
http://www.vupen.com/english/advisories/2008/1156
https://exchange.xforce.ibmcloud.com/vulnerabilities/41722
http://secunia.com/advisories/27763
http://secunia.com/advisories/28140
http://secunia.com/advisories/28209
http://secunia.com/advisories/28210
http://secunia.com/advisories/29342
http://secunia.com/secunia_research/2007-95/advisory/
http://secunia.com/secunia_research/2007-96/advisory/
http://secunia.com/secunia_research/2007-97/advisory/
http://secunia.com/secunia_research/2007-98/advisory/
http://securitytracker.com/id?1019805
http://www.securityfocus.com/archive/1/490825/100/0/threaded
http://www.securityfocus.com/archive/1/490837/100/0/threaded
http://www.securityfocus.com/archive/1/490838/100/0/threaded
http://www.securityfocus.com/archive/1/490839/100/0/threaded
http://www.securityfocus.com/bid/28454
http://www.securitytracker.com/id?1019844
http://www.vupen.com/english/advisories/2008/1153
http://www.vupen.com/english/advisories/2008/1154
http://www.vupen.com/english/advisories/2008/1156
https://exchange.xforce.ibmcloud.com/vulnerabilities/41722

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-5406
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html