Vulnerability-Lookup

CVE-2008-4564 (GCVE-0-2008-4564)

Vulnerability from cvelistv5 – Published: 2009-03-18 15:00 – Updated: 2024-08-07 10:24

Summary

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.

Severity

No CVSS data available.

CWE

Assigner

mitre

References

18 references

URL	Tags
http://www.symantec.com/avcenter/security/Content…	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2009/0744	vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/34303	third-party-advisoryx_refsource_SECUNIA
http://www.securitytracker.com/id?1021859	vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/34307	third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
http://www-01.ibm.com/support/docview.wss?rs=463&…	x_refsource_CONFIRM
http://secunia.com/advisories/34318	third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1021856	vdb-entryx_refsource_SECTRACK
http://securitytracker.com/id?1021857	vdb-entryx_refsource_SECTRACK
http://www.kb.cert.org/vuls/id/276563	third-party-advisoryx_refsource_CERT-VN
http://www.vupen.com/english/advisories/2009/0756	vdb-entryx_refsource_VUPEN
https://customers.autonomy.com/support/secure/doc…	x_refsource_CONFIRM
http://secunia.com/advisories/34355	third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/52713	vdb-entryx_refsource_OSVDB
http://labs.idefense.com/intelligence/vulnerabili…	third-party-advisoryx_refsource_IDEFENSE
http://www.securityfocus.com/bid/34086	vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2009/0757	vdb-entryx_refsource_VUPEN

Date Public

2009-03-17 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:24:18.984Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
          },
          {
            "name": "ADV-2009-0744",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0744"
          },
          {
            "name": "34303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34303"
          },
          {
            "name": "1021859",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1021859"
          },
          {
            "name": "34307",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34307"
          },
          {
            "name": "autonomy-keyview-wp6sr-bo(49284)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
          },
          {
            "name": "34318",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34318"
          },
          {
            "name": "1021856",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021856"
          },
          {
            "name": "1021857",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021857"
          },
          {
            "name": "VU#276563",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/276563"
          },
          {
            "name": "ADV-2009-0756",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0756"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
          },
          {
            "name": "34355",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34355"
          },
          {
            "name": "52713",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/52713"
          },
          {
            "name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
          },
          {
            "name": "34086",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34086"
          },
          {
            "name": "ADV-2009-0757",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0757"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-03-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
        },
        {
          "name": "ADV-2009-0744",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0744"
        },
        {
          "name": "34303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34303"
        },
        {
          "name": "1021859",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1021859"
        },
        {
          "name": "34307",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34307"
        },
        {
          "name": "autonomy-keyview-wp6sr-bo(49284)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
        },
        {
          "name": "34318",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34318"
        },
        {
          "name": "1021856",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021856"
        },
        {
          "name": "1021857",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021857"
        },
        {
          "name": "VU#276563",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/276563"
        },
        {
          "name": "ADV-2009-0756",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0756"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
        },
        {
          "name": "34355",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34355"
        },
        {
          "name": "52713",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/52713"
        },
        {
          "name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
        },
        {
          "name": "34086",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34086"
        },
        {
          "name": "ADV-2009-0757",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0757"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-4564",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
            },
            {
              "name": "ADV-2009-0744",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0744"
            },
            {
              "name": "34303",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34303"
            },
            {
              "name": "1021859",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1021859"
            },
            {
              "name": "34307",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34307"
            },
            {
              "name": "autonomy-keyview-wp6sr-bo(49284)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
            },
            {
              "name": "34318",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34318"
            },
            {
              "name": "1021856",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021856"
            },
            {
              "name": "1021857",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021857"
            },
            {
              "name": "VU#276563",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/276563"
            },
            {
              "name": "ADV-2009-0756",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0756"
            },
            {
              "name": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html",
              "refsource": "CONFIRM",
              "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
            },
            {
              "name": "34355",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34355"
            },
            {
              "name": "52713",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/52713"
            },
            {
              "name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
            },
            {
              "name": "34086",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34086"
            },
            {
              "name": "ADV-2009-0757",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0757"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-4564",
    "datePublished": "2009-03-18T15:00:00.000Z",
    "dateReserved": "2008-10-14T00:00:00.000Z",
    "dateUpdated": "2024-08-07T10:24:18.984Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2008-4564",
      "date": "2026-06-07",
      "epss": "0.50828",
      "percentile": "0.97915"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-4564\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-03-18T15:30:00.267\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer basado en pila en wp6sr.dll en el Autonomy KeyView SDK 10.4 y anteriores, como es usado en IBM Lotus Notes,  productos Symantec Mail Security (SMS), productos Symantec BrightMail Appliance y productos Symantec Data Loss Prevention (DLP) permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero Word Perfect Document (WPD) manipulado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.4\",\"matchCriteriaId\":\"6B16D7CE-3770-46A6-BECA-76989E9639BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autonomy:keyview_export_sdk:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DB3799E-43FC-40AA-85EC-72D87962C95D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autonomy:keyview_export_sdk:9.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B92810D7-A5C2-4118-8B67-9E1A49C6C4D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autonomy:keyview_export_sdk:10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"893D0CC9-971E-4C78-AD80-D004D8BB5F37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autonomy:keyview_export_sdk:10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15B8E1D9-ADF9-40B2-A652-53CDEF60FAB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.4\",\"matchCriteriaId\":\"177E8A5C-0812-47BC-9CFC-F8E25A0F42AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autonomy:keyview_filter_sdk:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8E3B7CC-48D2-4EB0-A0D9-44AA6947CF65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autonomy:keyview_filter_sdk:9.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B90F221E-6C5A-4844-A098-53BE40E78A40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autonomy:keyview_filter_sdk:10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4F4A68C-EF5D-41BB-A518-D277927D80D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autonomy:keyview_filter_sdk:10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC6E0041-6647-4B04-B4C1-019E1F12E606\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.4\",\"matchCriteriaId\":\"BD370EEA-A33C-45B2-8FC6-C419AD6468E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autonomy:keyview_viewer_sdk:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FE65E34-052C-4614-BA69-71D96EBC65E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autonomy:keyview_viewer_sdk:9.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8D56C0E-3403-4B91-A064-69E46770FBBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autonomy:keyview_viewer_sdk:10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBB6C6D0-0848-45D0-ACA7-03B46F42AE76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autonomy:keyview_viewer_sdk:10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E50CAF0-1F3A-4F57-A8DA-91B7840BBE3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D4B2601-B62F-4235-BFFD-281235737450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"273DF27B-9441-4925-BD7E-5709D7D059EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E234AD1-7202-421E-82C8-880E84876021\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55D037CC-1207-48E2-882E-8B236EE7138F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5059BEF2-84EB-4B5F-84F5-9E3200B068F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB71B7AA-957B-46A6-9BC9-CE23EC721189\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46CF28C0-51AD-4783-B1F0-205DF64D133A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C0015A2-A70E-4B0C-B59A-44F5F611293D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1360A50E-C1E1-4690-874A-04CC7C1A77CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D94927A9-61FD-459F-9A6D-E581A4AF505C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3B32BA2-9EB7-4294-A857-226A5B1CC401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF64CA16-6C20-42E1-BA68-BD63A873BFA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12D7DD7B-CA90-44A5-9B7B-4A4985150689\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C63D40DF-C6F3-4502-9816-939265F10532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp2:*:*:*:*:*\",\"matchCriteriaId\":\"F8B5BF9A-F8A7-4C2B-B093-8226D0ED1425\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp3:*:*:*:*:*\",\"matchCriteriaId\":\"04CB50C2-2B01-4A68-BE96-1127B9954F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4598C4A8-B19D-4562-A5B5-D3B090F0C8D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:6.5.6:*:fp2:*:*:*:*:*\",\"matchCriteriaId\":\"66D334E1-9326-4D0A-8D87-572F3E6B44BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68AEB13D-C7C6-426F-8484-85EFF7245DF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94646433-DE15-4214-9C78-7D1DAB5A12D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3449A490-865A-4262-8482-429DEF455644\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.2:*:fp1:*:*:*:*:*\",\"matchCriteriaId\":\"5614CD60-7690-47E6-AEB3-FB0151EB264C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"692E295E-E650-42D5-AF7A-D6276C3D76E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_deployment_solution:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D6701EB-AF87-4B63-A8B5-AA27C28DFFB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:brightmail:5.0:*:appliance:*:*:*:*:*\",\"matchCriteriaId\":\"E1BE16AC-118D-4BA0-AE37-3DB2E4E417DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F945149-43CC-4EAC-9A78-C6A3BA6FAF9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D42BEF4-9BB4-4CCF-9395-C306C3CEBB0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1:*:linux:*:*:*:*:*\",\"matchCriteriaId\":\"DC2C0DBF-382C-4F96-8497-2FABD7CB67C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1:*:windows:*:*:*:*:*\",\"matchCriteriaId\":\"42A91935-15AC-4F64-AD3D-EFAD08955562\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37076C05-12CE-484C-AB10-711BABFF6992\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A5F3BAC-B470-4FB7-88AF-47A33D46EF00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:enforce:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFD0A99F-6B8A-4BB9-B8A7-40BB5D7B7CFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:enforce:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8960720-5DF0-4F4C-9603-09A85FAF843D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:enforce:8.1:*:linux:*:*:*:*:*\",\"matchCriteriaId\":\"3E9D9CE3-109C-4035-9934-2B457268985D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:enforce:8.1:*:windows:*:*:*:*:*\",\"matchCriteriaId\":\"E258E769-38CC-4E62-8158-3D549263ED1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:5.0:*:appliance:*:*:*:*:*\",\"matchCriteriaId\":\"0648861C-A58E-4103-8720-4480C2F098FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C890707A-D2DF-403A-87CB-2AB01E85D8B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*\",\"matchCriteriaId\":\"5E7788BD-652E-4306-AED0-6AE7F9A07836\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:5.0.0.24:*:appliance:*:*:*:*:*\",\"matchCriteriaId\":\"977786AB-A76C-4A1C-8999-BF4A5E08F8BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*\",\"matchCriteriaId\":\"A8430D5E-A8A7-4724-8A6B-B5E2CA437729\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*\",\"matchCriteriaId\":\"D602A441-863D-4E90-A01D-57C41725D008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*\",\"matchCriteriaId\":\"A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*\",\"matchCriteriaId\":\"5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:5.0.1.200:*:smtp:*:*:*:*:*\",\"matchCriteriaId\":\"0117D61C-DEE6-4803-9CF8-27EEBAA493CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:5.0.10:*:microsoft_exchange:*:*:*:*:*\",\"matchCriteriaId\":\"5BF163AF-E470-492A-940C-B2FB37AA2322\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*\",\"matchCriteriaId\":\"95D5B1CF-6C20-4D66-9D30-631441FA953B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:6.0.6:microsoft_exchange:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BBAE476-DB98-4464-81DF-8EC386E808B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:6.0.7:microsoft_exchange:*:*:*:*:*:*\",\"matchCriteriaId\":\"225BA7A2-8C45-42F1-921B-105CF8F0F22A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:7.5..4.29:*:domino:*:*:*:*:*\",\"matchCriteriaId\":\"B1E6B709-B44B-47AC-A7FF-0C248D777D5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*\",\"matchCriteriaId\":\"07FADB30-A418-43C5-A798-4769C5350E7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*\",\"matchCriteriaId\":\"70F1A708-9914-4875-B594-D8A9D65182D8\"}]}]}],\"references\":[{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/52713\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/34303\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/34307\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/34318\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/34355\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1021856\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1021857\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/276563\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/34086\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1021859\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.symantec.com/avcenter/security/Content/2009.03.17a.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0744\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0756\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/0757\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/49284\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/52713\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/34303\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/34307\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/34318\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/34355\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1021856\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1021857\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/276563\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/34086\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1021859\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.symantec.com/avcenter/security/Content/2009.03.17a.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0744\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0756\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/0757\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/49284\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2009-AVI-097

Vulnerability from certfr_avis - Published: 2009-03-18 - Updated: 2009-03-18

Une vulnérabilité dans un module tiers de certains produits Symantec permet une exécution de code arbitraire à distance.

Description

Une vulnérabilité a été découverte dans le module tiers Autonomy KeyView, inclus dans de nombreux produits Symantec. L'exploitation de cette vulnérabilité permet l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Symantec	N/A	Symantec Mail Security for SMTP versions 5.0.x ;
Symantec	N/A	Symantec Brightmail Appliance (sauf les versions 8.x) ;
Symantec	N/A	Symantec Mail Security Appliance/Symantec Brightmail Appliance versions 5.0.x et ultérieures ;
Symantec	N/A	Symantec Data Loss Prevention Endpoint Agents versions 8.0 et 8.1.x.
Symantec	N/A	Symantec Mail Security for Microsoft Exchange versions 5.0.10, 5.0.11, 6.0.6 et 6.0.7 ;
Symantec	N/A	Symantec Mail Security for Domino versions 7.5.3.25, 7.5.4.29 et 7.5.5.32 ;
Symantec	N/A	Symantec Data Loss Prevention Detection Servers/Enforce versions 7.x, 8.0 et 8.1.x ;

References

Title

Publication Time

CERTA-2009-AVI-110

Vulnerability from certfr_avis - Published: 2009-03-23 - Updated: 2009-03-23

Une vulnérabililité a été identifiée dans l'application IBM Lotus Notes. Elle concerne l'affichage de documents de type WordPerfect. Cette vulnérabilité peut être exploitée à distance par une personne malveillante pour exécuter des commandes arbitraires sur le système.

Description

Une vulnérabililité a été identifiée dans l'application IBM Lotus Notes. Elle concerne l'affichage de documents de type WordPerfect qui s'appuie sur la bibliothèque wp6sr.dll (Autonomy KeyView). La vulnérabilité est semblable à celle mentionnée dans l'avis CERTA-2009-AVI-097 du 18 mars 2009.

Elle peut être exploitée à distance par une personne malveillante pour exécuter des commandes arbitraires sur le système.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	IBM Lotus Notes File Viewer, pour les versions 5.x, 6.5, 7.0 et 8.0.

References

Title

Publication Time

FKIE_CVE-2008-4564

Vulnerability from fkie_nvd - Published: 2009-03-18 15:30 - Updated: 2026-04-23 00:35

Severity

Summary

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774
cve@mitre.org	http://osvdb.org/52713
cve@mitre.org	http://secunia.com/advisories/34303
cve@mitre.org	http://secunia.com/advisories/34307	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/34318
cve@mitre.org	http://secunia.com/advisories/34355
cve@mitre.org	http://securitytracker.com/id?1021856
cve@mitre.org	http://securitytracker.com/id?1021857
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573	Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/276563	US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/34086
cve@mitre.org	http://www.securitytracker.com/id?1021859
cve@mitre.org	http://www.symantec.com/avcenter/security/Content/2009.03.17a.html	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0744	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0756
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0757
cve@mitre.org	https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/49284
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/52713
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34303
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34307	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34318
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34355
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1021856
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1021857
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/276563	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/34086
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021859
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/avcenter/security/Content/2009.03.17a.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0744	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0756
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0757
af854a3a-2127-422b-91ae-364da2661108	https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/49284

Impacted products

Vendor	Product	Version
autonomy	keyview_export_sdk	*
autonomy	keyview_export_sdk	2.0
autonomy	keyview_export_sdk	9.2.0
autonomy	keyview_export_sdk	10
autonomy	keyview_export_sdk	10.3
autonomy	keyview_filter_sdk	*
autonomy	keyview_filter_sdk	2.0
autonomy	keyview_filter_sdk	9.2.0
autonomy	keyview_filter_sdk	10
autonomy	keyview_filter_sdk	10.3
autonomy	keyview_viewer_sdk	*
autonomy	keyview_viewer_sdk	2.0
autonomy	keyview_viewer_sdk	9.2.0
autonomy	keyview_viewer_sdk	10
autonomy	keyview_viewer_sdk	10.3
ibm	lotus_notes	5.0.3
ibm	lotus_notes	5.0.12
ibm	lotus_notes	6.0
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.0.5
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.4
ibm	lotus_notes	6.5.5
ibm	lotus_notes	6.5.5
ibm	lotus_notes	6.5.5
ibm	lotus_notes	6.5.6
ibm	lotus_notes	6.5.6
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.1
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.3
ibm	lotus_notes	8.0
symantec	altiris_deployment_solution	*
symantec	brightmail	5.0
symantec	data_loss_prevention_detection_servers	7.0
symantec	data_loss_prevention_detection_servers	8.0
symantec	data_loss_prevention_detection_servers	8.1
symantec	data_loss_prevention_detection_servers	8.1
symantec	data_loss_prevention_endpoint_agents	8.0
symantec	data_loss_prevention_endpoint_agents	8.1
symantec	enforce	7.0
symantec	enforce	8.0
symantec	enforce	8.1
symantec	enforce	8.1
symantec	mail_security	5.0
symantec	mail_security	5.0.0
symantec	mail_security	5.0.0
symantec	mail_security	5.0.0.24
symantec	mail_security	5.0.1
symantec	mail_security	5.0.1.181
symantec	mail_security	5.0.1.182
symantec	mail_security	5.0.1.189
symantec	mail_security	5.0.1.200
symantec	mail_security	5.0.10
symantec	mail_security	5.0.11
symantec	mail_security	6.0.6
symantec	mail_security	6.0.7
symantec	mail_security	7.5..4.29
symantec	mail_security	7.5.3.25
symantec	mail_security	7.5.5.32

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B16D7CE-3770-46A6-BECA-76989E9639BE",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB3799E-43FC-40AA-85EC-72D87962C95D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:9.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B92810D7-A5C2-4118-8B67-9E1A49C6C4D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "893D0CC9-971E-4C78-AD80-D004D8BB5F37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "15B8E1D9-ADF9-40B2-A652-53CDEF60FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "177E8A5C-0812-47BC-9CFC-F8E25A0F42AB",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8E3B7CC-48D2-4EB0-A0D9-44AA6947CF65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:9.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B90F221E-6C5A-4844-A098-53BE40E78A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F4A68C-EF5D-41BB-A518-D277927D80D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6E0041-6647-4B04-B4C1-019E1F12E606",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD370EEA-A33C-45B2-8FC6-C419AD6468E4",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FE65E34-052C-4614-BA69-71D96EBC65E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:9.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8D56C0E-3403-4B91-A064-69E46770FBBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBB6C6D0-0848-45D0-ACA7-03B46F42AE76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E50CAF0-1F3A-4F57-A8DA-91B7840BBE3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "F8B5BF9A-F8A7-4C2B-B093-8226D0ED1425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp3:*:*:*:*:*",
              "matchCriteriaId": "04CB50C2-2B01-4A68-BE96-1127B9954F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4598C4A8-B19D-4562-A5B5-D3B090F0C8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "66D334E1-9326-4D0A-8D87-572F3E6B44BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:fp1:*:*:*:*:*",
              "matchCriteriaId": "5614CD60-7690-47E6-AEB3-FB0151EB264C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D6701EB-AF87-4B63-A8B5-AA27C28DFFB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:brightmail:5.0:*:appliance:*:*:*:*:*",
              "matchCriteriaId": "E1BE16AC-118D-4BA0-AE37-3DB2E4E417DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F945149-43CC-4EAC-9A78-C6A3BA6FAF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D42BEF4-9BB4-4CCF-9395-C306C3CEBB0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "DC2C0DBF-382C-4F96-8497-2FABD7CB67C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "42A91935-15AC-4F64-AD3D-EFAD08955562",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "37076C05-12CE-484C-AB10-711BABFF6992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A5F3BAC-B470-4FB7-88AF-47A33D46EF00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:enforce:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFD0A99F-6B8A-4BB9-B8A7-40BB5D7B7CFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:enforce:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8960720-5DF0-4F4C-9603-09A85FAF843D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:enforce:8.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "3E9D9CE3-109C-4035-9934-2B457268985D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:enforce:8.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "E258E769-38CC-4E62-8158-3D549263ED1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:appliance:*:*:*:*:*",
              "matchCriteriaId": "0648861C-A58E-4103-8720-4480C2F098FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C890707A-D2DF-403A-87CB-2AB01E85D8B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0.24:*:appliance:*:*:*:*:*",
              "matchCriteriaId": "977786AB-A76C-4A1C-8999-BF4A5E08F8BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "D602A441-863D-4E90-A01D-57C41725D008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.200:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "0117D61C-DEE6-4803-9CF8-27EEBAA493CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.10:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "5BF163AF-E470-492A-940C-B2FB37AA2322",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "95D5B1CF-6C20-4D66-9D30-631441FA953B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:6.0.6:microsoft_exchange:*:*:*:*:*:*",
              "matchCriteriaId": "5BBAE476-DB98-4464-81DF-8EC386E808B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:6.0.7:microsoft_exchange:*:*:*:*:*:*",
              "matchCriteriaId": "225BA7A2-8C45-42F1-921B-105CF8F0F22A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5..4.29:*:domino:*:*:*:*:*",
              "matchCriteriaId": "B1E6B709-B44B-47AC-A7FF-0C248D777D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*",
              "matchCriteriaId": "07FADB30-A418-43C5-A798-4769C5350E7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*",
              "matchCriteriaId": "70F1A708-9914-4875-B594-D8A9D65182D8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en wp6sr.dll en el Autonomy KeyView SDK 10.4 y anteriores, como es usado en IBM Lotus Notes,  productos Symantec Mail Security (SMS), productos Symantec BrightMail Appliance y productos Symantec Data Loss Prevention (DLP) permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero Word Perfect Document (WPD) manipulado."
    }
  ],
  "id": "CVE-2008-4564",
  "lastModified": "2026-04-23T00:35:47.467",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-03-18T15:30:00.267",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/52713"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/34303"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34307"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/34318"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/34355"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1021856"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1021857"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/276563"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/34086"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1021859"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/0744"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/0756"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/0757"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/52713"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34307"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34318"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34355"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021856"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/276563"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34086"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1021859"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/0744"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0757"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-6P66-F3JG-VMHH

Vulnerability from github – Published: 2022-05-02 00:11 – Updated: 2022-05-02 00:11

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-4564"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-03-18T15:30:00Z",
    "severity": "HIGH"
  },
  "details": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.",
  "id": "GHSA-6p66-f3jg-vmhh",
  "modified": "2022-05-02T00:11:23Z",
  "published": "2022-05-02T00:11:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4564"
    },
    {
      "type": "WEB",
      "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
    },
    {
      "type": "WEB",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/52713"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34303"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34307"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34318"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34355"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1021856"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1021857"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/276563"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/34086"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1021859"
    },
    {
      "type": "WEB",
      "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/0744"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/0756"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/0757"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2008-4564

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2008-4564

Aliases

CVE-2008-4564

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-4564",
    "description": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.",
    "id": "GSD-2008-4564"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-4564"
      ],
      "details": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.",
      "id": "GSD-2008-4564",
      "modified": "2023-12-13T01:23:00.238381Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-4564",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html",
            "refsource": "CONFIRM",
            "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
          },
          {
            "name": "ADV-2009-0744",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/0744"
          },
          {
            "name": "34303",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/34303"
          },
          {
            "name": "1021859",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1021859"
          },
          {
            "name": "34307",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/34307"
          },
          {
            "name": "autonomy-keyview-wp6sr-bo(49284)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
          },
          {
            "name": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573",
            "refsource": "CONFIRM",
            "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
          },
          {
            "name": "34318",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/34318"
          },
          {
            "name": "1021856",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1021856"
          },
          {
            "name": "1021857",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1021857"
          },
          {
            "name": "VU#276563",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/276563"
          },
          {
            "name": "ADV-2009-0756",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/0756"
          },
          {
            "name": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html",
            "refsource": "CONFIRM",
            "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
          },
          {
            "name": "34355",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/34355"
          },
          {
            "name": "52713",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/52713"
          },
          {
            "name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
            "refsource": "IDEFENSE",
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
          },
          {
            "name": "34086",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/34086"
          },
          {
            "name": "ADV-2009-0757",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/0757"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.10:*:microsoft_exchange:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:6.0.7:microsoft_exchange:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0:*:appliance:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:altiris_deployment_solution:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enforce:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:autonomy:keyview_filter_sdk:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:autonomy:keyview_filter_sdk:9.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:7.5..4.29:*:domino:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enforce:8.1:*:linux:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:autonomy:keyview_filter_sdk:10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp3:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp2:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:autonomy:keyview_export_sdk:10.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.1.200:*:smtp:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1:*:linux:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1:*:windows:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:autonomy:keyview_export_sdk:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:autonomy:keyview_export_sdk:9.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:autonomy:keyview_export_sdk:10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:6.0.6:microsoft_exchange:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.0.24:*:appliance:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:brightmail:5.0:*:appliance:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enforce:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enforce:8.1:*:windows:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:autonomy:keyview_viewer_sdk:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:autonomy:keyview_viewer_sdk:9.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:fp1:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:fp2:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:autonomy:keyview_filter_sdk:10.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-4564"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "34307",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/34307"
            },
            {
              "name": "34086",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/34086"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
            },
            {
              "name": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
            },
            {
              "name": "ADV-2009-0744",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0744"
            },
            {
              "name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "tags": [],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
            },
            {
              "name": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
            },
            {
              "name": "1021856",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1021856"
            },
            {
              "name": "1021857",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1021857"
            },
            {
              "name": "34318",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/34318"
            },
            {
              "name": "ADV-2009-0756",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/0756"
            },
            {
              "name": "34355",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/34355"
            },
            {
              "name": "ADV-2009-0757",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/0757"
            },
            {
              "name": "34303",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/34303"
            },
            {
              "name": "52713",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/52713"
            },
            {
              "name": "1021859",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1021859"
            },
            {
              "name": "VU#276563",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/276563"
            },
            {
              "name": "autonomy-keyview-wp6sr-bo(49284)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2017-08-08T01:32Z",
      "publishedDate": "2009-03-18T15:30Z"
    }
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-4564 (GCVE-0-2008-4564)

CERTA-2009-AVI-097

Description

Solution

CERTA-2009-AVI-110

Description

Solution

FKIE_CVE-2008-4564

GHSA-6P66-F3JG-VMHH

GSD-2008-4564

Tags

Sightings

Nomenclature