CVE-2008-4564: Buffer Overflow
First published: Wed Mar 18 2009(Updated: )
Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Autonomy KeyView | <=10.4 | |
| Autonomy KeyView | =2.0 | |
| Autonomy KeyView | =9.2.0 | |
| Autonomy KeyView | =10 | |
| Autonomy KeyView | =10.3 | |
| Autonomy KeyView filter sdk | <=10.4 | |
| Autonomy KeyView filter sdk | =2.0 | |
| Autonomy KeyView filter sdk | =9.2.0 | |
| Autonomy KeyView filter sdk | =10 | |
| Autonomy KeyView filter sdk | =10.3 | |
| Autonomy KeyView viewer sdk | <=10.4 | |
| Autonomy KeyView viewer sdk | =2.0 | |
| Autonomy KeyView viewer sdk | =9.2.0 | |
| Autonomy KeyView viewer sdk | =10 | |
| Autonomy KeyView viewer sdk | =10.3 | |
| IBM Lotus Notes | =5.0.3 | |
| IBM Lotus Notes | =5.0.12 | |
| IBM Lotus Notes | =6.0 | |
| IBM Lotus Notes | =6.0.1 | |
| IBM Lotus Notes | =6.0.2 | |
| IBM Lotus Notes | =6.0.3 | |
| IBM Lotus Notes | =6.0.4 | |
| IBM Lotus Notes | =6.0.5 | |
| IBM Lotus Notes | =6.5 | |
| IBM Lotus Notes | =6.5.1 | |
| IBM Lotus Notes | =6.5.2 | |
| IBM Lotus Notes | =6.5.3 | |
| IBM Lotus Notes | =6.5.4 | |
| IBM Lotus Notes | =6.5.5 | |
| IBM Lotus Notes | =6.5.5 | |
| IBM Lotus Notes | =6.5.5 | |
| IBM Lotus Notes | =6.5.6 | |
| IBM Lotus Notes | =6.5.6 | |
| IBM Lotus Notes | =7.0 | |
| IBM Lotus Notes | =7.0.1 | |
| IBM Lotus Notes | =7.0.2 | |
| IBM Lotus Notes | =7.0.2 | |
| IBM Lotus Notes | =7.0.3 | |
| IBM Lotus Notes | =8.0 | |
| Symantec Altiris Deployment Solution | ||
| Symantec BrightMail | =5.0 | |
| Symantec Data Loss Prevention | =7.0 | |
| Symantec Data Loss Prevention | =8.0 | |
| Symantec Data Loss Prevention | =8.1 | |
| Symantec Data Loss Prevention | =8.1 | |
| Symantec Data Loss Prevention | =8.0 | |
| Symantec Data Loss Prevention | =8.1 | |
| Symantec Endpoint Protection | =7.0 | |
| Symantec Endpoint Protection | =8.0 | |
| Symantec Endpoint Protection | =8.1 | |
| Symantec Endpoint Protection | =8.1 | |
| Symantec Mail Security | =5.0 | |
| Symantec Mail Security | =5.0.0 | |
| Symantec Mail Security | =5.0.0 | |
| Symantec Mail Security | =5.0.0.24 | |
| Symantec Mail Security | =5.0.1 | |
| Symantec Mail Security | =5.0.1.181 | |
| Symantec Mail Security | =5.0.1.182 | |
| Symantec Mail Security | =5.0.1.189 | |
| Symantec Mail Security | =5.0.1.200 | |
| Symantec Mail Security | =5.0.10 | |
| Symantec Mail Security | =5.0.11 | |
| Symantec Mail Security | =6.0.6-microsoft_exchange | |
| Symantec Mail Security | =6.0.7-microsoft_exchange | |
| Symantec Mail Security | =7.5..4.29 | |
| Symantec Mail Security | =7.5.3.25 | |
| Symantec Mail Security | =7.5.5.32 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/34307
- http://www.securityfocus.com/bid/34086
- http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573
- https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html
- http://www.vupen.com/english/advisories/2009/0744
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774
- http://www.symantec.com/avcenter/security/Content/2009.03.17a.html
- http://securitytracker.com/id?1021856
- http://securitytracker.com/id?1021857
- http://secunia.com/advisories/34318
- http://www.vupen.com/english/advisories/2009/0756
- http://secunia.com/advisories/34355
- http://www.vupen.com/english/advisories/2009/0757
- http://secunia.com/advisories/34303
- http://osvdb.org/52713
- http://www.securitytracker.com/id?1021859
- http://www.kb.cert.org/vuls/id/276563
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49284
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/autonomy
- canonical/autonomy keyview
- version/autonomy keyview/10.4
- version/autonomy keyview/2.0
- version/autonomy keyview/9.2.0
- version/autonomy keyview/10
- version/autonomy keyview/10.3
- canonical/autonomy keyview filter sdk
- version/autonomy keyview filter sdk/10.4
- version/autonomy keyview filter sdk/2.0
- version/autonomy keyview filter sdk/9.2.0
- version/autonomy keyview filter sdk/10
- version/autonomy keyview filter sdk/10.3
- canonical/autonomy keyview viewer sdk
- version/autonomy keyview viewer sdk/10.4
- version/autonomy keyview viewer sdk/2.0
- version/autonomy keyview viewer sdk/9.2.0
- version/autonomy keyview viewer sdk/10
- version/autonomy keyview viewer sdk/10.3
- vendor/ibm
- canonical/ibm lotus notes
- version/ibm lotus notes/5.0.3
- version/ibm lotus notes/5.0.12
- version/ibm lotus notes/6.0
- version/ibm lotus notes/6.0.1
- version/ibm lotus notes/6.0.2
- version/ibm lotus notes/6.0.3
- version/ibm lotus notes/6.0.4
- version/ibm lotus notes/6.0.5
- version/ibm lotus notes/6.5
- version/ibm lotus notes/6.5.1
- version/ibm lotus notes/6.5.2
- version/ibm lotus notes/6.5.3
- version/ibm lotus notes/6.5.4
- version/ibm lotus notes/6.5.5
- version/ibm lotus notes/6.5.6
- version/ibm lotus notes/7.0
- version/ibm lotus notes/7.0.1
- version/ibm lotus notes/7.0.2
- version/ibm lotus notes/7.0.3
- version/ibm lotus notes/8.0
- vendor/symantec
- canonical/symantec altiris deployment solution
- canonical/symantec brightmail
- version/symantec brightmail/5.0
- canonical/symantec data loss prevention
- version/symantec data loss prevention/7.0
- version/symantec data loss prevention/8.0
- version/symantec data loss prevention/8.1
- canonical/symantec endpoint protection
- version/symantec endpoint protection/7.0
- version/symantec endpoint protection/8.0
- version/symantec endpoint protection/8.1
- canonical/symantec mail security
- version/symantec mail security/5.0
- version/symantec mail security/5.0.0
- version/symantec mail security/5.0.0.24
- version/symantec mail security/5.0.1
- version/symantec mail security/5.0.1.181
- version/symantec mail security/5.0.1.182
- version/symantec mail security/5.0.1.189
- version/symantec mail security/5.0.1.200
- version/symantec mail security/5.0.10
- version/symantec mail security/5.0.11
- version/symantec mail security/6.0.6-microsoft_exchange
- version/symantec mail security/6.0.7-microsoft_exchange
- version/symantec mail security/7.5..4.29
- version/symantec mail security/7.5.3.25
- version/symantec mail security/7.5.5.32