Lucene search
K

13 matches found

Check Point Advisories
Check Point Advisories
added 2009/09/24 12:0 a.m.11 views

Update Protection against Symantec Mail Security KeyView Excel File SST Parsing Integer Overflow Vulnerability

An integer overflow vulnerability exists in multiple products using Autonomy KeyView SDK File Viewer for Excel. A remote attacker could exploit this vulnerability by enticing the target user to open or view a malicious Excel file with the vulnerable version of the product. Successful exploitation...

9.3CVSS6.9AI score0.05718EPSS
Exploits0
securityvulns
securityvulns
added 2009/08/26 12:0 a.m.49 views

iDefense Security Advisory 08.25.09: Autonomy KeyView Excel File SST Parsing Integer Overflow Vulnerability

iDefense Security Advisory 08.25.09 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 25, 2009 I. BACKGROUND Autonomy KeyView SDK is a commercial SDK that provides many file format parsing libraries. It supports a large number of different document formats, one of which is the Microsoft...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2009/08/26 12:0 a.m.38 views

Autonomy KeyView SDK library integer overflow

Integer overflow on .XLS files parsing...

6AI score
Exploits0References1Affected Software2
CERT
CERT
added 2009/03/19 12:0 a.m.34 views

Autonomy KeyView SDK buffer overflow vulnerability

Overview Autonomy KeyView SDK contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code. Description Autonomy KeyView SDK is a commercial software development kit SDK that includes file filtering libraries. A vulnerability exists in the way the SDK libraries...

9.3CVSS7.4AI score0.06757EPSS
Exploits2References6
NVD
NVD
added 2009/03/18 3:30 p.m.22 views

CVE-2008-4564

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security SMS products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention DLP products, allows remote attackers to execute arbitrary code via a...

9.3CVSS7.6AI score0.06757EPSS
Exploits2References18
Cvelist
Cvelist
added 2009/03/18 3:0 p.m.32 views

CVE-2008-4564

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security SMS products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention DLP products, allows remote attackers to execute arbitrary code via a...

7.6AI score0.06757EPSS
Exploits2References18
CVE
CVE
added 2009/03/18 3:0 p.m.134 views

CVE-2008-4564

A stack-based buffer overflow in Autonomy KeyView SDK wp6sr.dll (WordPerfect document parser) allows remote code execution. The CVE-2008-4564 issue affects IBM Lotus Notes (and other products using KeyView), caused by unbounded copying of records into a fixed-size stack buffer when processing WPD...

9.3CVSS7.7AI score0.06757EPSS
Exploits2References18Affected Software10
NVD
NVD
added 2007/12/28 9:46 p.m.27 views

CVE-2007-6593

Multiple stack-based buffer overflows in l123sr.dll in Autonomy formerly Verity KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the 1 Length and 2 Value fields for certain Types in a Lotus 1-2-3 .123 file in the Worksheet...

8.8CVSS7.4AI score0.06301EPSS
Exploits4References14
Prion
Prion
added 2007/12/28 9:46 p.m.33 views

Stack overflow

Multiple stack-based buffer overflows in l123sr.dll in Autonomy formerly Verity KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the 1 Length and 2 Value fields for certain Types in a Lotus 1-2-3 .123 file in the Worksheet...

8.8CVSS7.7AI score0.20906EPSS
Exploits9References14Affected Software1
CVE
CVE
added 2007/12/28 9:0 p.m.69 views

CVE-2007-6593

CVE-2007-6593 is a buffer overflow in Autonomy KeyView (l123sr.dll) used by IBM Lotus Notes (versions 5.x–8.x) when viewing Lotus 1-2-3 (.123) Worksheet files. The vulnerability arises from a boundary/stack-based overflow in SRANGE handling, enabling user‑assisted remote code execution if a malic...

8.8CVSS7.4AI score0.06301EPSS
Exploits4References14Affected Software1
Cvelist
Cvelist
added 2007/12/28 9:0 p.m.36 views

CVE-2007-6593

Multiple stack-based buffer overflows in l123sr.dll in Autonomy formerly Verity KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the 1 Length and 2 Value fields for certain Types in a Lotus 1-2-3 .123 file in the Worksheet...

7.3AI score0.06301EPSS
Exploits4References14
Cvelist
Cvelist
added 2006/02/15 12:0 a.m.27 views

CVE-2005-2619

Directory traversal vulnerability in kvarcve.dll in Autonomy formerly Verity KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a 1 ZIP, 2 UUE or 3 TAR archive that contains a .. dot dot in the filename, which is not properly...

6.8AI score0.0329EPSS
Exploits0References11
CVE
CVE
added 2006/02/15 12:0 a.m.61 views

CVE-2005-2619

The CVE-2005-2619 issue affects Lotus Notes (6.5.4 and 7.0) using Autonomy/Verity KeyView SDK kvarcve.dll (pre-9.2.0). The vulnerability arises in the preview generation of archives (ZIP, UUE, TAR) where a filename containing .. can lead to directory traversal and deletion of arbitrary files acce...

9.3CVSS6.8AI score0.0329EPSS
Exploits0References11Affected Software4
Rows per page
Query Builder