This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Autonomy First view 2007-11-09
Product Keyview Filter Sdk Last view 2009-03-18
Version 9.2.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:autonomy:keyview_filter_sdk

Activity : Overall

Related : CVE

  Date Alert Description
9.3 2009-03-18 CVE-2008-4564

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.
9.3 2007-11-09 CVE-2007-5910

Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file.
9.3 2007-11-09 CVE-2007-5909

Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910.

CWE : Common Weakness Enumeration

%idName
100% (3) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

SAINT Exploits

Description Link
Lotus Notes MIF attachment viewer buffer overflow More info here
Lotus Notes WPD attachment viewer buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

id Description
52713 Autonomy KeyView SDK wp6sr.dll Word Perfect Document Handling Overflow
40792 Autonomy KeyView Multiple Products lasr.dll SAM File Handling Overflow
40791 Autonomy KeyView Multiple Products mifsr.dll MIF File Handling Overflow
40790 Autonomy KeyView Multiple Products rtfsr.dll RTF File Handling Overflow
40789 Autonomy KeyView Multiple Products mwsr.dll DOC File Handling Overflow
40788 Autonomy KeyView Multiple Products exesr.dll EXE / DLL File Handling Overflow
40787 Autonomy KeyView Multiple Products awsr.dll AW File Handling Overflow
40786 Autonomy KeyView Multiple Products kpagrdr.dll AG File Handling Overflow
40783 Autonomy KeyView Multiple Products Crafted WordPerfect (WPD) File Handling O...

OpenVAS Exploits

id Description
2009-03-20 Name : Ubuntu USN-735-1 (gst-plugins-base0.10)
File : nvt/ubuntu_735_1.nasl
2009-03-20 Name : Ubuntu USN-736-1 (gst-plugins-good0.10)
File : nvt/ubuntu_736_1.nasl
2009-03-20 Name : Ubuntu USN-737-1 (libsoup)
File : nvt/ubuntu_737_1.nasl
2009-03-20 Name : Ubuntu USN-739-1 (amarok)
File : nvt/ubuntu_739_1.nasl

Snort® IPS/IDS

Date Description
2015-07-08 IBM Lotus Notes WPD attachment handling buffer overflow attempt
RuleID : 34632 - Type : SERVER-MAIL - Revision : 2
2014-01-10 Lotus Notes MIF viewer statement data overflow 2
RuleID : 18477 - Type : SERVER-MAIL - Revision : 8
2014-01-10 IBM Lotus Notes WPD attachment handling buffer overflow attempt
RuleID : 17777 - Type : SERVER-MAIL - Revision : 11
2014-01-10 IBM Lotus Notes MIF viewer statement data overflow
RuleID : 12706 - Type : SERVER-MAIL - Revision : 13
2014-01-10 IBM Lotus Notes MIF viewer statement overflow
RuleID : 12705 - Type : SERVER-MAIL - Revision : 10
2014-01-10 IBM Lotus Notes MIF viewer MIFFILE comment overflow
RuleID : 12704 - Type : SERVER-MAIL - Revision : 10

Nessus® Vulnerability Scanner

id Description
2007-10-24 Name: The remote Windows host has an application that is affected by several buffer...
File: notes_keyview_overflows.nasl - Type: ACT_GATHER_INFO