Lucene search

[email protected]CVE-2005-2619

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-2619

2005-12-3105:00:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2005-2619

directory traversal

autonomy keyview sdk

verity

lotus notes

remote attack

file deletion

zip

uue

tar archive

security vulnerability

nvd

6.9 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.029 Low

EPSS

Percentile

90.6%

JSON

Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a … (dot dot) in the filename, which is not properly handled when generating a preview.

CPENameOperatorVersion
ibm:lotus_notesibm lotus noteseq6.5.2
autonomy:keyview_viewer_sdkautonomy keyview viewer sdkeq*
ibm:lotus_notesibm lotus noteseq6.0.1
ibm:lotus_notesibm lotus noteseq6.0.2
ibm:lotus_notesibm lotus noteseq7.0
autonomy:keyview_export_sdkautonomy keyview export sdkeq*
ibm:lotus_notesibm lotus noteseq6.0.4
ibm:lotus_notesibm lotus noteseq6.5.4
ibm:lotus_notesibm lotus noteseq6.5.1
ibm:lotus_notesibm lotus noteseq6.0.5

CPE	Name	Operator	Version
ibm:lotus_notes	ibm lotus notes	eq	6.5.2
autonomy:keyview_viewer_sdk	autonomy keyview viewer sdk	eq	*
ibm:lotus_notes	ibm lotus notes	eq	6.0.1
ibm:lotus_notes	ibm lotus notes	eq	6.0.2
ibm:lotus_notes	ibm lotus notes	eq	7.0
autonomy:keyview_export_sdk	autonomy keyview export sdk	eq	*
ibm:lotus_notes	ibm lotus notes	eq	6.0.4
ibm:lotus_notes	ibm lotus notes	eq	6.5.4
ibm:lotus_notes	ibm lotus notes	eq	6.5.1
ibm:lotus_notes	ibm lotus notes	eq	6.0.5

Rows per page:

1-10 of 141

References

secunia.com/advisories/16100

secunia.com/advisories/16280

secunia.com/secunia_research/2005-30/advisory/

secunia.com/secunia_research/2005-66/advisory/

securitytracker.com/id?1015657

www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918

www.osvdb.org/23066

www.securityfocus.com/archive/1/424717/100/0/threaded

www.securityfocus.com/bid/16576

www.vupen.com/english/advisories/2006/0500

exchange.xforce.ibmcloud.com/vulnerabilities/24637

6.9 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.029 Low

EPSS

Percentile

90.6%

JSON

Related for CVE-2005-2619

securityvulns1 nessus1