CVE-2007-6020 Information

Description

Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0 as used by IBM Lotus Notes Symantec Mail Security and activePDF DocConverter allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI (2) FD (3) FT (4) JD (5) JL (6) LE (7) OB (8) OD (9) OL (10) PN (11) PS (12) PW (13) RD (14) QL or (15) TS tag in a .fff file.

Reference

http://secunia.com/advisories/27763 http://secunia.com/advisories/28140 http://secunia.com/advisories/28209 http://secunia.com/advisories/28210 http://secunia.com/advisories/29342 http://secunia.com/secunia_research/2007-104/advisory/ http://secunia.com/secunia_research/2007-105/advisory/ http://secunia.com/secunia_research/2007-106/advisory/ http://secunia.com/secunia_research/2007-107/advisory/ http://securitytracker.com/id?1019805 http://www.securityfocus.com/archive/1/490827/100/0/threaded http://www.securityfocus.com/archive/1/490829/100/0/threaded http://www.securityfocus.com/archive/1/490830/100/0/threaded http://www.securityfocus.com/archive/1/490831/100/0/threaded http://www.securityfocus.com/bid/28454 http://www.securitytracker.com/id?1019841 http://www.symantec.com/avcenter/security/Content/2008.04.08e.html http://www.vupen.com/english/advisories/2008/1153 http://www.vupen.com/english/advisories/2008/1154 http://www.vupen.com/english/advisories/2008/1156 http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453 https://exchange.xforce.ibmcloud.com/vulnerabilities/41716