Lucene search

[email protected]NVD:CVE-2005-2619

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-2619

2005-12-3105:00:00

CWE-22

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

High

0.029 Low

EPSS

Percentile

90.8%

JSON

Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a … (dot dot) in the filename, which is not properly handled when generating a preview.

Affected configurations

NVD

Node

autonomykeyview_export_sdk

autonomykeyview_filter_sdk

autonomykeyview_viewer_sdk

ibmlotus_notesMatch6.0.1

ibmlotus_notesMatch6.0.2

ibmlotus_notesMatch6.0.3

ibmlotus_notesMatch6.0.4

ibmlotus_notesMatch6.0.5

ibmlotus_notesMatch6.5

ibmlotus_notesMatch6.5.1

ibmlotus_notesMatch6.5.2

ibmlotus_notesMatch6.5.3

ibmlotus_notesMatch6.5.4

ibmlotus_notesMatch7.0

References

secunia.com/advisories/16100

secunia.com/advisories/16280

secunia.com/secunia_research/2005-30/advisory/

secunia.com/secunia_research/2005-66/advisory/

securitytracker.com/id?1015657

www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918

www.osvdb.org/23066

www.securityfocus.com/archive/1/424717/100/0/threaded

www.securityfocus.com/bid/16576

www.vupen.com/english/advisories/2006/0500

exchange.xforce.ibmcloud.com/vulnerabilities/24637

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

High

0.029 Low

EPSS

Percentile

90.8%

JSON

Related for NVD:CVE-2005-2619

cvelist1 cve1 securityvulns1 nessus1