CVE-2008-4564
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.6 High
AI Score
Confidence
Low
0.933 High
EPSS
Percentile
99.1%
Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.
Affected configurations
References
labs.idefense.com/intelligence/vulnerabilities/display.php?id=774
osvdb.org/52713
secunia.com/advisories/34303
secunia.com/advisories/34307
secunia.com/advisories/34318
secunia.com/advisories/34355
securitytracker.com/id?1021856
securitytracker.com/id?1021857
www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573
www.kb.cert.org/vuls/id/276563
www.securityfocus.com/bid/34086
www.securitytracker.com/id?1021859
www.symantec.com/avcenter/security/Content/2009.03.17a.html
www.vupen.com/english/advisories/2009/0744
www.vupen.com/english/advisories/2009/0756
www.vupen.com/english/advisories/2009/0757
customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html
exchange.xforce.ibmcloud.com/vulnerabilities/49284
Related
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.6 High
AI Score
Confidence
Low
0.933 High
EPSS
Percentile
99.1%