Stack overflow

Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7...

Stack overflow

Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND...

Integer overflow

Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W...

CVE-2011-1512

Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR...

CVE-2011-1214

Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ...

CVE-2011-1215

CVE-2011-1215 is a stack-based buffer overflow in Autonomy KeyView (mw8sr.dll) used by IBM Lotus Notes before 8.5.2 FP3. The vulnerability allows remote code execution via a crafted link in an Office document attachment. The issue is mapped to the KeyView filter used by multiple Symantec/Notes-re...

CVE-2011-1217

Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment. NOTE: some of these details are obtained from third party information...

CVE-2011-1216

CVE-2011-1216 is a stack-based buffer overflow in Autonomy KeyView’s Verity/assr.dll used by IBM Lotus Notes before 8.5.2 FP3. An attacker could trigger arbitrary code execution by crafting tag data in an Applix spreadsheet attachment, leading to remote code execution under the Notes process. The...

CVE-2011-1213

In IBM Lotus Notes, the Autonomy KeyView component (lzhsr.dll) is vulnerable to a stack-based buffer overflow via a crafted .lzh header, caused by an integer underflow in KeyView’s parsing. A remote attacker could execute arbitrary code on affected systems running Lotus Notes before 8.5.2 FP3. Mi...

CVE-2011-1218

Summary: CVE-2011-1218 is a buffer overflow in Autonomy KeyView’s kvarcve.dll, affecting IBM Lotus Notes prior to 8.5.2 FP3. A crafted ZIP attachment can trigger remote arbitrary-code execution. The issue is tied to the Verity KeyView Filter used by affected Note applications. Impact (as stated):...

CVE-2011-1512

CVE-2011-1512 is a heap-based buffer overflow in Autonomy KeyView’s xlssr.dll used by IBM Lotus Notes prior to 8.5.2 FP3. A malformed BIFF record in a .xls attachment can trigger memory corruption and remote code execution. Multiple security advisories (CoreLabs, OpenVAS, Tenable/Nessus) link CVE...

CVE-2011-1218

Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP. NOTE: some of these details are obtained from third party information...

CVE-2011-1216

Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7...

CVE-2011-1217

CVE-2011-1217 : Buffer overflow in kpprzrdr.dll within Autonomy KeyView, used by IBM Lotus Notes prior to 8.5.2 FP3, can be triggered by a crafted .prz attachment to remote-execute arbitrary code. The vulnerability affects the Lotus Notes workflow through the KeyView component, relies on a malfor...

CVE-2011-1213

Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W...

Multi-Vendor Autonomy Verity Keyview PRZ Reader Filter Overflow

SUMMARY Symantec products that ship with the Verity KeyView Filter have updated the module to address a security issue being reported in the content filter processing of specifically crafted document formats. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|--- Symantec Mail...

ZDI-10-157: IBM Lotus Notes Autonomy KeyView Office Shape Parsing Remote Code Execution Vulnerability

ZDI-10-157: IBM Lotus Notes Autonomy KeyView Office Shape Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-157 August 23, 2010 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: IBM Autonomy -- Affected Products: IBM Lotus Notes Autonomy...

Autonomy KeyView multiple security vulnerabilities

Buffer overflows, integer overflows, memory corruptions...

ZDI-10-159: IBM Lotus Notes Autonomy KeyView WK3 Parsing Remote Code Execution Vulnerability

ZDI-10-159: IBM Lotus Notes Autonomy KeyView WK3 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-159 August 23, 2010 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: IBM Autonomy -- Affected Products: IBM Lotus Notes Autonomy KeyView --...

ZDI-10-156: IBM Lotus Notes Autonomy KeyView Word Parsing Remote Code Execution Vulnerability

ZDI-10-156: IBM Lotus Notes Autonomy KeyView Word Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-156 August 23, 2010 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: IBM Autonomy -- Affected Products: IBM Lotus Notes Autonomy KeyView --...