CVE-2010-0135: Buffer Overflow
First published: Tue Aug 17 2010(Updated: )
Heap-based buffer overflow in the WordPerfect 5.x reader (wosr.dll), as used in Autonomy KeyView 10.4 and 10.9 and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to "data blocks."
Credit: PSIRT-CNA@flexerasoftware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Autonomy KeyView | =10.9 | |
| Autonomy KeyView | =10.4 | |
| Autonomy KeyView | =10.4 | |
| Autonomy KeyView | =10.4 | |
| Autonomy KeyView | =10.9 | |
| Autonomy KeyView | =10.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2010-0135?
CVE-2010-0135 is classified as a high severity vulnerability due to the potential for arbitrary code execution.
How do I fix CVE-2010-0135?
To mitigate CVE-2010-0135, it is recommended to update to the latest versions of Autonomy KeyView 10.4 or 10.9 which include fixes for this vulnerability.
What software is affected by CVE-2010-0135?
CVE-2010-0135 affects the Autonomy KeyView 10.4 and 10.9, including its various SDK components.
What type of vulnerability is CVE-2010-0135?
CVE-2010-0135 is a heap-based buffer overflow vulnerability that can be exploited by remote attackers.
Can CVE-2010-0135 lead to remote code execution?
Yes, CVE-2010-0135 allows remote attackers to execute arbitrary code by exploiting the vulnerability.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/weakness
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/autonomy
- canonical/autonomy keyview
- version/autonomy keyview/10.9
- version/autonomy keyview/10.4