Vulnerability Details CVE-2008-4564
Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.542
EPSS Ranking 97.8%
CVSS Severity
CVSS v2 Score 9.3
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774
- http://osvdb.org/52713
- http://secunia.com/advisories/34303
- http://secunia.com/advisories/34307
- http://secunia.com/advisories/34318
- http://secunia.com/advisories/34355
- http://securitytracker.com/id?1021856
- http://securitytracker.com/id?1021857
- http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573
- http://www.kb.cert.org/vuls/id/276563
- http://www.securityfocus.com/bid/34086
- http://www.securitytracker.com/id?1021859
- http://www.symantec.com/avcenter/security/Content/2009.03.17a.html
- http://www.vupen.com/english/advisories/2009/0744
- http://www.vupen.com/english/advisories/2009/0756
- http://www.vupen.com/english/advisories/2009/0757
- https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49284
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774
- http://osvdb.org/52713
- http://secunia.com/advisories/34303
- http://secunia.com/advisories/34307
- http://secunia.com/advisories/34318
- http://secunia.com/advisories/34355
- http://securitytracker.com/id?1021856
- http://securitytracker.com/id?1021857
- http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573
- http://www.kb.cert.org/vuls/id/276563
- http://www.securityfocus.com/bid/34086
- http://www.securitytracker.com/id?1021859
- http://www.symantec.com/avcenter/security/Content/2009.03.17a.html
- http://www.vupen.com/english/advisories/2009/0744
- http://www.vupen.com/english/advisories/2009/0756
- http://www.vupen.com/english/advisories/2009/0757
- https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49284
Products affected by CVE-2008-4564
-
cpe:2.3:a:autonomy:keyview_export_sdk:-
-
cpe:2.3:a:autonomy:keyview_export_sdk:10
-
cpe:2.3:a:autonomy:keyview_export_sdk:10.3
-
cpe:2.3:a:autonomy:keyview_export_sdk:2.0
-
cpe:2.3:a:autonomy:keyview_export_sdk:9.2.0
-
cpe:2.3:a:autonomy:keyview_filter_sdk:-
-
cpe:2.3:a:autonomy:keyview_filter_sdk:10
-
cpe:2.3:a:autonomy:keyview_filter_sdk:10.3
-
cpe:2.3:a:autonomy:keyview_filter_sdk:2.0
-
cpe:2.3:a:autonomy:keyview_filter_sdk:9.2.0
-
cpe:2.3:a:autonomy:keyview_viewer_sdk:-
-
cpe:2.3:a:autonomy:keyview_viewer_sdk:10
-
cpe:2.3:a:autonomy:keyview_viewer_sdk:10.3
-
cpe:2.3:a:autonomy:keyview_viewer_sdk:2.0
-
cpe:2.3:a:autonomy:keyview_viewer_sdk:9.2.0
-
cpe:2.3:a:ibm:lotus_notes:5.0.12
-
cpe:2.3:a:ibm:lotus_notes:5.0.3
-
cpe:2.3:a:ibm:lotus_notes:6.0
-
cpe:2.3:a:ibm:lotus_notes:6.0.1
-
cpe:2.3:a:ibm:lotus_notes:6.0.2
-
cpe:2.3:a:ibm:lotus_notes:6.0.3
-
cpe:2.3:a:ibm:lotus_notes:6.0.4
-
cpe:2.3:a:ibm:lotus_notes:6.0.5
-
cpe:2.3:a:ibm:lotus_notes:6.5
-
cpe:2.3:a:ibm:lotus_notes:6.5.1
-
cpe:2.3:a:ibm:lotus_notes:6.5.2
-
cpe:2.3:a:ibm:lotus_notes:6.5.3
-
cpe:2.3:a:ibm:lotus_notes:6.5.4
-
cpe:2.3:a:ibm:lotus_notes:6.5.5
-
cpe:2.3:a:ibm:lotus_notes:6.5.6
-
cpe:2.3:a:ibm:lotus_notes:7.0
-
cpe:2.3:a:ibm:lotus_notes:7.0.1
-
cpe:2.3:a:ibm:lotus_notes:7.0.2
-
cpe:2.3:a:ibm:lotus_notes:7.0.3
-
cpe:2.3:a:ibm:lotus_notes:8.0
-
cpe:2.3:a:symantec:altiris_deployment_solution:-
-
cpe:2.3:a:symantec:altiris_deployment_solution:6.8
-
cpe:2.3:a:symantec:altiris_deployment_solution:6.9
-
cpe:2.3:a:symantec:altiris_deployment_solution:6.9.164
-
cpe:2.3:a:symantec:altiris_deployment_solution:6.9.176
-
cpe:2.3:a:symantec:altiris_deployment_solution:6.9.355
-
cpe:2.3:a:symantec:brightmail:5.0
-
cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.0
-
cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.0
-
cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1
-
cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.0
-
cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1
-
cpe:2.3:a:symantec:enforce:7.0
-
cpe:2.3:a:symantec:enforce:8.0
-
cpe:2.3:a:symantec:enforce:8.1
-
cpe:2.3:a:symantec:mail_security:5.0
-
cpe:2.3:a:symantec:mail_security:5.0.0
-
cpe:2.3:a:symantec:mail_security:5.0.0.24
-
cpe:2.3:a:symantec:mail_security:5.0.1
-
cpe:2.3:a:symantec:mail_security:5.0.1.181
-
cpe:2.3:a:symantec:mail_security:5.0.1.182
-
cpe:2.3:a:symantec:mail_security:5.0.1.189
-
cpe:2.3:a:symantec:mail_security:5.0.1.200
-
cpe:2.3:a:symantec:mail_security:5.0.10
-
cpe:2.3:a:symantec:mail_security:5.0.11
-
cpe:2.3:a:symantec:mail_security:6.0.6
-
cpe:2.3:a:symantec:mail_security:6.0.7
-
cpe:2.3:a:symantec:mail_security:7.5..4.29
-
cpe:2.3:a:symantec:mail_security:7.5.3.25
-
cpe:2.3:a:symantec:mail_security:7.5.5.32