13 matches found
Update Protection against Symantec Mail Security KeyView Excel File SST Parsing Integer Overflow Vulnerability
An integer overflow vulnerability exists in multiple products using Autonomy KeyView SDK File Viewer for Excel. A remote attacker could exploit this vulnerability by enticing the target user to open or view a malicious Excel file with the vulnerable version of the product. Successful exploitation...
iDefense Security Advisory 08.25.09: Autonomy KeyView Excel File SST Parsing Integer Overflow Vulnerability
iDefense Security Advisory 08.25.09 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 25, 2009 I. BACKGROUND Autonomy KeyView SDK is a commercial SDK that provides many file format parsing libraries. It supports a large number of different document formats, one of which is the Microsoft...
Autonomy KeyView SDK library integer overflow
Integer overflow on .XLS files parsing...
Autonomy KeyView SDK buffer overflow vulnerability
Overview Autonomy KeyView SDK contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code. Description Autonomy KeyView SDK is a commercial software development kit SDK that includes file filtering libraries. A vulnerability exists in the way the SDK libraries...
CVE-2008-4564
Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security SMS products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention DLP products, allows remote attackers to execute arbitrary code via a...
CVE-2008-4564
Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security SMS products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention DLP products, allows remote attackers to execute arbitrary code via a...
CVE-2008-4564
A stack-based buffer overflow in Autonomy KeyView SDK wp6sr.dll (WordPerfect document parser) allows remote code execution. The CVE-2008-4564 issue affects IBM Lotus Notes (and other products using KeyView), caused by unbounded copying of records into a fixed-size stack buffer when processing WPD...
CVE-2007-6593
Multiple stack-based buffer overflows in l123sr.dll in Autonomy formerly Verity KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the 1 Length and 2 Value fields for certain Types in a Lotus 1-2-3 .123 file in the Worksheet...
Stack overflow
Multiple stack-based buffer overflows in l123sr.dll in Autonomy formerly Verity KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the 1 Length and 2 Value fields for certain Types in a Lotus 1-2-3 .123 file in the Worksheet...
CVE-2007-6593
CVE-2007-6593 is a buffer overflow in Autonomy KeyView (l123sr.dll) used by IBM Lotus Notes (versions 5.x–8.x) when viewing Lotus 1-2-3 (.123) Worksheet files. The vulnerability arises from a boundary/stack-based overflow in SRANGE handling, enabling user‑assisted remote code execution if a malic...
CVE-2007-6593
Multiple stack-based buffer overflows in l123sr.dll in Autonomy formerly Verity KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the 1 Length and 2 Value fields for certain Types in a Lotus 1-2-3 .123 file in the Worksheet...
CVE-2005-2619
Directory traversal vulnerability in kvarcve.dll in Autonomy formerly Verity KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a 1 ZIP, 2 UUE or 3 TAR archive that contains a .. dot dot in the filename, which is not properly...
CVE-2005-2619
The CVE-2005-2619 issue affects Lotus Notes (6.5.4 and 7.0) using Autonomy/Verity KeyView SDK kvarcve.dll (pre-9.2.0). The vulnerability arises in the preview generation of archives (ZIP, UUE, TAR) where a filename containing .. can lead to directory traversal and deletion of arbitrary files acce...