Lucene search

[email protected]CVE-2005-2618

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-2618

2005-12-3105:00:00

CWE-119

[email protected]

web.nvd.nist.gov

autonomy keyview

verity

stack-based buffer overflow

cve-2005-2618

lotus notes

remote code execution

7.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.95 High

EPSS

Percentile

99.3%

JSON

Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll).

CPENameOperatorVersion
ibm:lotus_notesibm lotus noteseq6.5.2
autonomy:keyview_viewer_sdkautonomy keyview viewer sdkeq*
ibm:lotus_notesibm lotus noteseq6.0.1
ibm:lotus_notesibm lotus noteseq6.0.2
ibm:lotus_notesibm lotus noteseq7.0
autonomy:keyview_export_sdkautonomy keyview export sdkeq*
ibm:lotus_notesibm lotus noteseq6.0.4
ibm:lotus_notesibm lotus noteseq6.5.4
ibm:lotus_notesibm lotus noteseq6.5.1
ibm:lotus_notesibm lotus noteseq6.0.5

CPE	Name	Operator	Version
ibm:lotus_notes	ibm lotus notes	eq	6.5.2
autonomy:keyview_viewer_sdk	autonomy keyview viewer sdk	eq	*
ibm:lotus_notes	ibm lotus notes	eq	6.0.1
ibm:lotus_notes	ibm lotus notes	eq	6.0.2
ibm:lotus_notes	ibm lotus notes	eq	7.0
autonomy:keyview_export_sdk	autonomy keyview export sdk	eq	*
ibm:lotus_notes	ibm lotus notes	eq	6.0.4
ibm:lotus_notes	ibm lotus notes	eq	6.5.4
ibm:lotus_notes	ibm lotus notes	eq	6.5.1
ibm:lotus_notes	ibm lotus notes	eq	6.0.5

Rows per page:

1-10 of 141

References

secunia.com/advisories/16100

secunia.com/advisories/16280

secunia.com/secunia_research/2005-32/advisory/

secunia.com/secunia_research/2005-34/advisory/

secunia.com/secunia_research/2005-36/advisory/

secunia.com/secunia_research/2005-37/advisory/

secunia.com/secunia_research/2005-66/advisory/

securitytracker.com/id?1015657

www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918

www.kb.cert.org/vuls/id/884076

www.osvdb.org/23064

www.osvdb.org/23065

www.osvdb.org/23066

www.osvdb.org/23067

www.osvdb.org/23068

www.securityfocus.com/archive/1/424626/100/0/threaded

www.securityfocus.com/archive/1/424666/100/0/threaded

www.securityfocus.com/archive/1/424689/100/0/threaded

www.securityfocus.com/archive/1/424692/100/0/threaded

www.securityfocus.com/bid/16576

www.vupen.com/english/advisories/2006/0500

www.vupen.com/english/advisories/2006/0501

exchange.xforce.ibmcloud.com/vulnerabilities/24635

exchange.xforce.ibmcloud.com/vulnerabilities/24636

exchange.xforce.ibmcloud.com/vulnerabilities/24638

exchange.xforce.ibmcloud.com/vulnerabilities/24639

7.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.95 High

EPSS

Percentile

99.3%

JSON

Related for CVE-2005-2618

saint8 cert1 checkpoint_advisories3 securityvulns4 nessus1