19 matches found
CVE-2012-6277
CVE-2012-6277 concerns multiple vulnerabilities in Autonomy KeyView IDOL libraries used by IBM Notes/Domino, Symantec messaging/security products, and others. The issue arises from underlying memory-corruption flaws in KeyView IDOL, triggered by processing crafted input files, potentially enablin...
CVE-2008-4564
A stack-based buffer overflow in Autonomy KeyView SDK wp6sr.dll (WordPerfect document parser) allows remote code execution. The CVE-2008-4564 issue affects IBM Lotus Notes (and other products using KeyView), caused by unbounded copying of records into a fixed-size stack buffer when processing WPD...
CVE-2019-12759
CVE-2019-12759 affects Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for Exchange (SMSMSE) prior to SEPM 14.2 RU2 and SMSMSE 7.5.x, introducing a privilege-escalation flaw. Technical details point to the LuComServer stDisScriptEngine class as the root cause, enabling loca...
CVE-2007-3699
CVE-2007-3699 affects the Decomposer component in multiple Symantec products, enabling remote attackers to trigger a denial of service (infinite loop) by crafting the PACK_SIZE field in a RAR header. Connected Nessus entries reiterate this as part of “Symantec Mail Security Engine/Scanner” vulner...
CVE-2007-5909
CVE-2007-5909 is a buffer overflow vulnerability in Autonomy/Verity KeyView components (l123sr.dll, kpagrdr.dll, awsr.dll, exesr.dll, mwsr.dll, mifsr.dll, lasr.dll, rtfsr.dll) used by Lotus Notes 5.x–8.x. A crafted MIF/RTF/DOC/SAM/AS? attachments to these DLLs could cause a stack-based overflow, ...
CVE-2007-5405
CVE-2007-5405 is an Autonomy KeyView (kpagrdr.dll) buffer-overflow vulnerability affecting Applix Graphics (.ag) parsing. Secunia and related advisories document three overflow paths: (1) unsafe parsing of ENCODING in the *BEGIN tag, (2) boundary errors from overly long tokens, and (3) initial *B...
CVE-2009-3032
CVE-2009-3032 describes a heap-based buffer overflow in Autonomy KeyView Filter SDK (kvolefio.dll v8.5.0.8339 and v10.5.0.0) triggered by processing crafted OLE documents, impacting products that embed KeyView (e.g., IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.x). The v...
CVE-2011-0548
CVE-2011-0548 concerns a buffer overflow in the Lotus Freelance Graphics PRZ file viewer component of Autonomy KeyView, used in Symantec Mail Security (SMS) 6.x–8.x, Symantec Brightmail and Messaging Gateway pre-9.5.1, and Symantec DLP pre-10.5.3 and 11.x pre-11.1. The vulnerability allows a remo...
CVE-2007-0447
The CVE-2007-0447 entry corresponds to a heap-based buffer overflow in the Decomposer used by Symantec products (notably Symantec Antivirus Scan Engine / Mail Security for Exchange/Domino) when processing crafted CAB archives, enabling remote code execution. Connected details corroborate: a heap ...
CVE-2009-3037
CVE-2009-3037 is a buffer overflow in the Autonomy KeyView XLS viewer (xlssr.dll) used by IBM Lotus Notes and multiple Symantec products (Mail Security, BrightMail, DLP, etc.). The overflow occurs while parsing Excel .xls attachments, enabling remote code execution by enticing a user to open a ma...
CVE-2007-1252
Symantec Mail Security for SMTP (SMS for SMTP) vulnerable to a buffer overflow when processing malformed email headers in version 5.0 before Patch 175. The issue can crash the affected service and may allow arbitrary code execution. Exploitation, if achieved, would grant an attacker full control ...
CVE-2007-5910
CVE-2007-5910 is a stack-based buffer overflow in Autonomy/Verity KeyView Viewer, Filter, and Export SDK prior to 9.2.0.12, exploited via crafted WordPerfect (WPD) attachments. It impacts Lotus Notes (wp6sr.dll) and other products (ActivePDF DocConverter, etc.), enabling remote code execution. Mi...
CVE-2005-0249
Concretely affected: Symantec AntiVirus/Scan Engine DEC2EXE parsing engine (DEC2EXE.dll) used in the Symantec Antivirus Library. Issue: a heap-based buffer overflow caused by improper bounds checking when parsing UPX-compressed files, triggered by a crafted UPX file with a negative virtual offset...
CVE-2006-5545
CVE-2006-5545 affects Symantec Mail Security for Domino (Premium Antispam) on Domino Server 5.1.x. The vulnerability: the Premium Antispam feature does not filter certain SMTP recipient address formats, enabling remote attackers to relay spam through the remote host. Public sources reference vuln...
CVE-2010-0131
CVE-2010-0131 describes a stack-based buffer overflow in the Spreadsheet Lotus 123 reader (wkssr.dll), affecting Autonomy KeyView 10.4 and 10.9 (and related products). The vulnerability stems from a boundary/float conversion issue in certain record types, enabling remote attackers to execute arbi...
CVE-2007-1792
The CVE-2007-1792 issue affects Symantec Mail Security for SMTP and its SMS Filter Hub (filter-hub.exe) where libdayzero.dll fails to safely parse executable packers. Remote attackers can send an email with a crafted executable attachment that triggers boundary errors when detecting PE-Shield v0....
CVE-2007-6020
CVE-2007-6020 describes multiple stack-based buffer overflows in the Folio Flat File speed reader (foliosr.dll) of Autonomy KeyView 10.3.0.0, used by IBM Lotus Notes and Symantec Mail Security (SMSSMTP/Exchange/Domino) and activePDF DocConverter. Secunia and NVD detail that boundary errors occur ...
CVE-2005-1346
CVE-2005-1346 affects multiple Symantec AntiVirus products running on Windows (e.g., Norton AntiVirus 2005 11.0.0; Web Security 3.0.1.72; Mail Security for SMTP 4.0.5.66; AntiVirus Scan Engine 4.3.7.27; SAV/Filter for Domino NT 3.1.1.87; Mail Security for Exchange 4.5.4.743). The vulnerability al...
CVE-2007-5406
CVE-2007-5406 affects Autonomy KeyView (kpagrdr.dll) components used in Applix graphics parsing, including versions 2.0.0.2 and 10.3.0.0. Secunia notes that parsing the ENCODING attribute and long tokens in Applix documents can trigger buffer overflows, enabling remote attackers to cause a denial...