Release DateJun 23, 2009 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a buffer overflow vulnerability in the Autonomy KeyView SDK.The vulnerability is caused by an error when the vulnerable software handles a specially crafted WordPerfect (WPD) file. It allows a remote attacker to execute arbitrary code. |
Affected ProductsAutonomy Keyview Viewer SDK 10.4Autonomy Keyview Viewer SDK 10.3 Autonomy Keyview Viewer SDK 10 Autonomy Keyview Filter SDK 10.4 Autonomy Keyview Filter SDK 10.3 Autonomy Keyview Filter SDK 10 Autonomy Keyview Export SDK 10.4 Autonomy Keyview Export SDK 10.3 Autonomy Keyview Export SDK 10 |
Recommended ActionsApply patch, available from the web site:https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2008-4564 |
Reference/shttp://www.frsirt.com/english/advisories/2009/0756 (FrSIRT)http://www.securityfocus.com/bid/34086 (BugTraq) |
