402 matches found
ZDI-10-158: IBM Lotus Notes Autonomy KeyView WK3 Parsing Remote Code Execution Vulnerability
ZDI-10-158: IBM Lotus Notes Autonomy KeyView WK3 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-158 August 23, 2010 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: IBM Autonomy -- Affected Products: IBM Lotus Notes Autonomy KeyView --...
IBM Lotus Notes Autonomy KeyView WK3 Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes...
IBM Lotus Notes Autonomy KeyView Office Shape Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes...
IBM Lotus Notes Autonomy KeyView Word Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes...
IBM Lotus Notes Autonomy KeyView WK3 Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes...
CVE-2010-1524
The SpreadSheet Lotus 123 reader wkssr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via unspecified vectors related to allocation of an array of pointers and "string indexing," which triggers memory...
CVE-2010-0133
Multiple stack-based buffer overflows in the SpreadSheet Lotus 123 reader wkssr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allow remote attackers to execute arbitrary code via unspecified vectors related to "certain records."...
CVE-2010-0126
Heap-based buffer overflow in an unspecified library in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via a crafted compound file, as demonstrated using a Quattro Pro file, which is not properly handled by...
CVE-2010-0131
Stack-based buffer overflow in the SpreadSheet Lotus 123 reader wkssr.dll, as used in Autonomy KeyView 10.4 and 10.9, Symantec Mail Security, and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to floating point conversion in unknown reco...
CVE-2010-0135
Heap-based buffer overflow in the WordPerfect 5.x reader wosr.dll, as used in Autonomy KeyView 10.4 and 10.9 and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to "data blocks."...
Stack overflow
Stack-based buffer overflow in the SpreadSheet Lotus 123 reader wkssr.dll, as used in Autonomy KeyView 10.4 and 10.9, Symantec Mail Security, and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to floating point conversion in unknown reco...
Integer overflow
Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via a crafted \ls keyword in a list override table entry in an RTF file, which triggers a buffer overflow...
Integer overflow
Integer underflow in the SpreadSheet Lotus 123 reader wkssr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted size for an unspecified record typ...
Heap overflow
Heap-based buffer overflow in an unspecified library in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via a crafted compound file, as demonstrated using a Quattro Pro file, which is not properly handled by...
Stack overflow
Multiple stack-based buffer overflows in the SpreadSheet Lotus 123 reader wkssr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allow remote attackers to execute arbitrary code via unspecified vectors related to "certain records."...
Heap overflow
Heap-based buffer overflow in the WordPerfect 5.x reader wosr.dll, as used in Autonomy KeyView 10.4 and 10.9 and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to "data blocks."...
Memory corruption
The SpreadSheet Lotus 123 reader wkssr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via unspecified vectors related to allocation of an array of pointers and "string indexing," which triggers memory...
CVE-2010-1524
Autonomy KeyView (SpreadSheet Lotus 123 reader wkssr.dll) is affected in KeyView versions 10.4 and 10.9, where the SpreadSheet parser can trigger memory corruption via allocation of an array of pointers and string indexing, allowing remote code execution. The vulnerability affects software using ...
CVE-2010-0126
CVE-2010-0126 affects Autonomy KeyView 10.4 and 10.9. The vulnerability is a heap-based buffer overflow in a KeyView component/library used by multiple products (e.g., IBM, Symantec) that processes compound documents. An attacker could trigger code execution by supplying a specially crafted compo...
CVE-2010-0131
CVE-2010-0131 describes a stack-based buffer overflow in the Spreadsheet Lotus 123 reader (wkssr.dll), affecting Autonomy KeyView 10.4 and 10.9 (and related products). The vulnerability stems from a boundary/float conversion issue in certain record types, enabling remote attackers to execute arbi...