Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4564

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-4564
Last Modified 07 Mar 2011 10:12:40
Published 18 Mar 2009 11:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4564

Summary

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.

Vulnerable Systems

Application

  • Autonomy Keyview Export Sdk 10

  • Autonomy Keyview Export Sdk 10.3

  • Autonomy Keyview Export Sdk 10.4

  • Autonomy Keyview Export Sdk 2.0

  • Autonomy Keyview Export Sdk 9.2.0

  • Autonomy Keyview Filter Sdk 10

  • Autonomy Keyview Filter Sdk 10.3

  • Autonomy Keyview Filter Sdk 10.4

  • Autonomy Keyview Filter Sdk 2.0

  • Autonomy Keyview Filter Sdk 9.2.0

  • Autonomy Keyview Viewer Sdk 10

  • Autonomy Keyview Viewer Sdk 10.3

  • Autonomy Keyview Viewer Sdk 10.4

  • Autonomy Keyview Viewer Sdk 2.0

  • Autonomy Keyview Viewer Sdk 9.2.0

  • Ibm Lotus Notes 5.0.12

  • Ibm Lotus Notes 5.0.3

  • Ibm Lotus Notes 6.0

  • Ibm Lotus Notes 6.0.1

  • Ibm Lotus Notes 6.0.2

  • Ibm Lotus Notes 6.0.3

  • Ibm Lotus Notes 6.0.4

  • Ibm Lotus Notes 6.0.5

  • Ibm Lotus Notes 6.5

  • Ibm Lotus Notes 6.5.1

  • Ibm Lotus Notes 6.5.2

  • Ibm Lotus Notes 6.5.3

  • Ibm Lotus Notes 6.5.4

  • Ibm Lotus Notes 6.5.5

  • Ibm Lotus Notes 6.5.6

  • Ibm Lotus Notes 7.0

  • Ibm Lotus Notes 7.0.1

  • Ibm Lotus Notes 7.0.2

  • Ibm Lotus Notes 7.0.3

  • Ibm Lotus Notes 8.0

  • Symantec Altiris Deployment Solution

  • Symantec Brightmail 5.0

  • Symantec Data Loss Prevention Detection Servers 7.0

  • Symantec Data Loss Prevention Detection Servers 8.0

  • Symantec Data Loss Prevention Detection Servers 8.1

  • Symantec Data Loss Prevention Endpoint Agents 8.0

  • Symantec Data Loss Prevention Endpoint Agents 8.1

  • Symantec Enforce 7.0

  • Symantec Enforce 8.0

  • Symantec Enforce 8.1

  • Symantec Mail Security 5.0

  • Symantec Mail Security 5.0.0

  • Symantec Mail Security 5.0.0.24

  • Symantec Mail Security 5.0.1

  • Symantec Mail Security 5.0.1.181

  • Symantec Mail Security 5.0.1.182

  • Symantec Mail Security 5.0.1.189

  • Symantec Mail Security 5.0.1.200

  • Symantec Mail Security 5.0.10

  • Symantec Mail Security 5.0.11

  • Symantec Mail Security 6.0.6

  • Symantec Mail Security 6.0.7

  • Symantec Mail Security 7.5..4.29

  • Symantec Mail Security 7.5.3.25

  • Symantec Mail Security 7.5.5.32


References

CERT-VN - VU#276563

CONFIRM - https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html

XF - symantec-autonomykeyview-bo(49284)

VUPEN - ADV-2009-0757

VUPEN - ADV-2009-0756

VUPEN - ADV-2009-0744

CONFIRM - http://www.symantec.com/avcenter/security/Content/2009.03.17a.html

SECTRACK - 1021859

BID - 34086

CONFIRM - http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573

SECTRACK - 1021857

SECTRACK - 1021856

SECUNIA - 34355

SECUNIA - 34318

SECUNIA - 34307

SECUNIA - 34303

OSVDB - 52713

IDEFENSE - 20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability

XF - autonomy-keyview-wp6sr-bo(49284)


Last Updated: 27 May 2016 10:49:56