IBM Lotus Notes Autonomy KeyView Office Shape Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes...

IBM Lotus Notes Autonomy KeyView Word Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes...

Update Protection against Symantec Mail Security KeyView Excel File SST Parsing Integer Overflow Vulnerability

An integer overflow vulnerability exists in multiple products using Autonomy KeyView SDK File Viewer for Excel. A remote attacker could exploit this vulnerability by enticing the target user to open or view a malicious Excel file with the vulnerable version of the product. Successful exploitation...

Autonomy KeyView SDK library integer overflow

Integer overflow on .XLS files parsing...

iDefense Security Advisory 08.25.09: Autonomy KeyView Excel File SST Parsing Integer Overflow Vulnerability

iDefense Security Advisory 08.25.09 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 25, 2009 I. BACKGROUND Autonomy KeyView SDK is a commercial SDK that provides many file format parsing libraries. It supports a large number of different document formats, one of which is the Microsoft...

Autonomy KeyView SDK buffer overflow vulnerability

Overview Autonomy KeyView SDK contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary code. Description Autonomy KeyView SDK is a commercial software development kit SDK that includes file filtering libraries. A vulnerability exists in the way the SDK libraries...

CVE-2008-4564

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security SMS products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention DLP products, allows remote attackers to execute arbitrary code via a...

CVE-2008-4564

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security SMS products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention DLP products, allows remote attackers to execute arbitrary code via a...

CVE-2008-4564

A stack-based buffer overflow in Autonomy KeyView SDK wp6sr.dll (WordPerfect document parser) allows remote code execution. The CVE-2008-4564 issue affects IBM Lotus Notes (and other products using KeyView), caused by unbounded copying of records into a fixed-size stack buffer when processing WPD...

Stack overflow

Multiple stack-based buffer overflows in l123sr.dll in Autonomy formerly Verity KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the 1 Length and 2 Value fields for certain Types in a Lotus 1-2-3 .123 file in the Worksheet...

CVE-2007-6593

Multiple stack-based buffer overflows in l123sr.dll in Autonomy formerly Verity KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the 1 Length and 2 Value fields for certain Types in a Lotus 1-2-3 .123 file in the Worksheet...

CVE-2007-6593

Multiple stack-based buffer overflows in l123sr.dll in Autonomy formerly Verity KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the 1 Length and 2 Value fields for certain Types in a Lotus 1-2-3 .123 file in the Worksheet...

CVE-2007-6593

CVE-2007-6593 is a buffer overflow in Autonomy KeyView (l123sr.dll) used by IBM Lotus Notes (versions 5.x–8.x) when viewing Lotus 1-2-3 (.123) Worksheet files. The vulnerability arises from a boundary/stack-based overflow in SRANGE handling, enabling user‑assisted remote code execution if a malic...

CORE-2007-0821: Lotus Notes buffer overflow in the Lotus WorkSheet file processor

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies – CoreLabs Advisory http://www.coresecurity.com/corelabs Lotus Notes buffer overflow in the Lotus WorkSheet file processor Advisory Information Title: Lotus Notes buffer overflow in the Lotus WorkSheet file processor Advisor...

Lotus Notes buffer overflow in the Lotus WorkSheet file processor

Advisory ID Internal CORE-2007-0821 Advisory Information Title: Lotus Notes buffer overflow in the Lotus WorkSheet file processor Advisory ID: CORE-2007-0821 Date published: 2007-11-27 Date of last update: 2007-11-27 Vendors contacted: IBM Corp. Release mode: COORDINATED RELEASE Vulnerability...

ZDI-07-059: Verity KeyView SDK Multiple File Format Parsing Vulnerabilities

ZDI-07-059: Verity KeyView SDK Multiple File Format Parsing Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-07-059.html October 23, 2007 -- CVE ID: -- Affected Vendor: Verity -- Affected Products: KeyView SDK -- Vulnerability Details: Several vulnerabilities exist in the popular...

Verity KeyView SDK Multiple File Format Parsing Vulnerabilities

Several vulnerabilities exist in the popular Verity KeyView SDK used in many enterprise applications like IBM Lotus Notes. When parsing several different file formats a standard stack overflow occurs allowing a malicious user to gain complete control of the affected machine under the rights of th...

CVE-2005-2619

Directory traversal vulnerability in kvarcve.dll in Autonomy formerly Verity KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a 1 ZIP, 2 UUE or 3 TAR archive that contains a .. dot dot in the filename, which is not properly...

CVE-2005-2618

Multiple stack-based buffer overflows in Autonomy formerly Verity KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via 1 a UUE file containing an encoded file with a long filename handled by uudrdr.dll, 2 a compressed ZIP file with a...

CVE-2005-2619

The CVE-2005-2619 issue affects Lotus Notes (6.5.4 and 7.0) using Autonomy/Verity KeyView SDK kvarcve.dll (pre-9.2.0). The vulnerability arises in the preview generation of archives (ZIP, UUE, TAR) where a filename containing .. can lead to directory traversal and deletion of arbitrary files acce...