| Name | Autonomy.KeyView.SDK.Wp6sr.DLL.Buffer.Overflow |
| Release Date | Jun 23, 2009 |
| Severity | Critical |
| Impact | System Compromise: Remote attackers can gain control of vulnerable systems. |
| Description | This indicates an attack attempt against a buffer overflow vulnerability in the Autonomy KeyView SDK.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted WordPerfect (WPD) file. It allows a remote attacker to execute arbitrary code. |
| Affected Products | Autonomy Keyview Viewer SDK 10.4
Autonomy Keyview Viewer SDK 10.3
Autonomy Keyview Viewer SDK 10
Autonomy Keyview Filter SDK 10.4
Autonomy Keyview Filter SDK 10.3
Autonomy Keyview Filter SDK 10
Autonomy Keyview Export SDK 10.4
Autonomy Keyview Export SDK 10.3
Autonomy Keyview Export SDK 10 |
| Recommended Actions | Apply patch, available from the web site:
https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-4564
|
| Reference/s | http://www.securityfocus.com/bid/34086 (BugTraq)
http://www.vupen.com/english/advisories/2009/0756 (FrSIRT)
|