CVE-2008-4564

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/34307	Vendor Advisory
http://www.securityfocus.com/bid/34086
http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573	Vendor Advisory
https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html
http://www.vupen.com/english/advisories/2009/0744	Vendor Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774
http://www.symantec.com/avcenter/security/Content/2009.03.17a.html	Vendor Advisory
http://securitytracker.com/id?1021856
http://securitytracker.com/id?1021857
http://secunia.com/advisories/34318
http://www.vupen.com/english/advisories/2009/0756
http://secunia.com/advisories/34355
http://www.vupen.com/english/advisories/2009/0757
http://secunia.com/advisories/34303
http://osvdb.org/52713
http://www.securitytracker.com/id?1021859
http://www.kb.cert.org/vuls/id/276563	US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/49284

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:symantec:mail_security:7.5.3.25::domino:::::
	cpe:2.3:a:symantec:mail_security:5.0.11::microsoft_exchange:::::
	cpe:2.3:a:symantec:mail_security:5.0.10::microsoft_exchange:::::
	cpe:2.3:a:symantec:mail_security:6.0.7:microsoft_exchange::::::
	cpe:2.3:a:symantec:mail_security:5.0.1::smtp:::::
	cpe:2.3:a:symantec:mail_security:5.0::appliance:::::
	cpe:2.3:a:symantec:altiris_deployment_solution::::::::
	cpe:2.3:a:symantec:enforce:7.0:::::::*
	cpe:2.3:a:autonomy:keyview_filter_sdk:2.0:::::::*
	cpe:2.3:a:autonomy:keyview_filter_sdk:9.2.0:::::::*
	cpe:2.3:a:ibm:lotus_notes:6.5.1:::::::*
	cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.0:::::::*
	cpe:2.3:a:ibm:lotus_notes:6.5.2:::::::*
	cpe:2.3:a:ibm:lotus_notes:6.5.5::fp3:::::
	cpe:2.3:a:symantec:mail_security:7.5..4.29::domino:::::
	cpe:2.3:a:ibm:lotus_notes:6.5.5::fp2:::::
	cpe:2.3:a:autonomy:keyview_filter_sdk:10:::::::*
	cpe:2.3:a:ibm:lotus_notes:5.0.3:::::::*
	cpe:2.3:a:ibm:lotus_notes:6.5.6:::::::*
	cpe:2.3:a:symantec:mail_security:5.0.1.181::smtp:::::
	cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.0:::::::*
	cpe:2.3:a:autonomy:keyview_viewer_sdk:10:::::::*
	cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1:::::::*
	cpe:2.3:a:ibm:lotus_notes:6.0.4:::::::*
	cpe:2.3:a:ibm:lotus_notes:7.0.3:::::::*
	cpe:2.3:a:symantec:mail_security:5.0.1.182::smtp:::::
	cpe:2.3:a:symantec:mail_security:7.5.5.32::domino:::::
	cpe:2.3:a:ibm:lotus_notes:8.0:::::::*
	cpe:2.3:a:symantec:enforce:8.1::linux:::::
	cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.0:::::::*
	cpe:2.3:a:symantec:mail_security:5.0.0:::::::*
	cpe:2.3:a:ibm:lotus_notes:6.0.3:::::::*
	cpe:2.3:a:ibm:lotus_notes:6.5.5:::::::*
	cpe:2.3:a:autonomy:keyview_filter_sdk:10.3:::::::*
	cpe:2.3:a:ibm:lotus_notes:6.0:::::::*
	cpe:2.3:a:autonomy:keyview_filter_sdk::::::::
	cpe:2.3:a:autonomy:keyview_export_sdk:10.3:::::::*
	cpe:2.3:a:symantec:enforce:8.1::windows:::::
	cpe:2.3:a:autonomy:keyview_export_sdk:10:::::::*
	cpe:2.3:a:ibm:lotus_notes:6.0.1:::::::*
	cpe:2.3:a:autonomy:keyview_viewer_sdk::::::::
	cpe:2.3:a:symantec:mail_security:6.0.6:microsoft_exchange::::::
	cpe:2.3:a:autonomy:keyview_viewer_sdk:2.0:::::::*
	cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1::linux:::::
	cpe:2.3:a:symantec:enforce:8.0:::::::*
	cpe:2.3:a:ibm:lotus_notes:5.0.12:::::::*
	cpe:2.3:a:ibm:lotus_notes:6.0.2:::::::*
	cpe:2.3:a:ibm:lotus_notes:7.0:::::::*
	cpe:2.3:a:autonomy:keyview_viewer_sdk:10.3:::::::*
	cpe:2.3:a:autonomy:keyview_export_sdk::::::::
	cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1::windows:::::
	cpe:2.3:a:autonomy:keyview_export_sdk:9.2.0:::::::*
	cpe:2.3:a:symantec:mail_security:5.0.0.24::appliance:::::
	cpe:2.3:a:ibm:lotus_notes:6.5.4:::::::*
	cpe:2.3:a:ibm:lotus_notes:6.5.6::fp2:::::
	cpe:2.3:a:ibm:lotus_notes:6.0.5:::::::*
	cpe:2.3:a:symantec:mail_security:5.0.1.200::smtp:::::
	cpe:2.3:a:ibm:lotus_notes:6.5:::::::*
	cpe:2.3:a:ibm:lotus_notes:7.0.2::fp1:::::
	cpe:2.3:a:ibm:lotus_notes:7.0.1:::::::*
	cpe:2.3:a:symantec:mail_security:5.0.1.189::smtp:::::
	cpe:2.3:a:ibm:lotus_notes:6.5.3:::::::*
	cpe:2.3:a:autonomy:keyview_viewer_sdk:9.2.0:::::::*
	cpe:2.3:a:ibm:lotus_notes:7.0.2:::::::*
cpe:2.3:a:symantec:mail_security:5.0.0::smtp:::::
cpe:2.3:a:symantec:brightmail:5.0::appliance:::::
cpe:2.3:a:autonomy:keyview_export_sdk:2.0:::::::*

Information

Published : 2009-03-18 08:30

Updated : 2017-08-07 18:32

NVD link : CVE-2008-4564

Mitre link : CVE-2008-4564

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Products Affected

symantec

enforce
data_loss_prevention_endpoint_agents
altiris_deployment_solution
brightmail
data_loss_prevention_detection_servers
mail_security

ibm

lotus_notes

autonomy

keyview_filter_sdk
keyview_export_sdk
keyview_viewer_sdk

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://secunia.com/advisories/34307", "name": "34307", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securityfocus.com/bid/34086", "name": "34086", "tags": [], "refsource": "BID"}, {"url": "http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573", "name": "http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html", "name": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.vupen.com/english/advisories/2009/0744", "name": "ADV-2009-0744", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774", "name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability", "tags": [], "refsource": "IDEFENSE"}, {"url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html", "name": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://securitytracker.com/id?1021856", "name": "1021856", "tags": [], "refsource": "SECTRACK"}, {"url": "http://securitytracker.com/id?1021857", "name": "1021857", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/34318", "name": "34318", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2009/0756", "name": "ADV-2009-0756", "tags": [], "refsource": "VUPEN"}, {"url": "http://secunia.com/advisories/34355", "name": "34355", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2009/0757", "name": "ADV-2009-0757", "tags": [], "refsource": "VUPEN"}, {"url": "http://secunia.com/advisories/34303", "name": "34303", "tags": [], "refsource": "SECUNIA"}, {"url": "http://osvdb.org/52713", "name": "52713", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.securitytracker.com/id?1021859", "name": "1021859", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.kb.cert.org/vuls/id/276563", "name": "VU#276563", "tags": ["US Government Resource"], "refsource": "CERT-VN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284", "name": "autonomy-keyview-wp6sr-bo(49284)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-4564", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2009-03-18T15:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.10:*:microsoft_exchange:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:mail_security:6.0.7:microsoft_exchange:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0:*:appliance:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:altiris_deployment_solution:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:enforce:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:autonomy:keyview_filter_sdk:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:autonomy:keyview_filter_sdk:9.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp3:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:mail_security:7.5..4.29:*:domino:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp2:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:autonomy:keyview_filter_sdk:10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:enforce:8.1:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:autonomy:keyview_filter_sdk:10.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "10.4"}, {"cpe23Uri": "cpe:2.3:a:autonomy:keyview_export_sdk:10.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:enforce:8.1:*:windows:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:autonomy:keyview_export_sdk:10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "10.4"}, {"cpe23Uri": "cpe:2.3:a:symantec:mail_security:6.0.6:microsoft_exchange:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:autonomy:keyview_viewer_sdk:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:enforce:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "10.4"}, {"cpe23Uri": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1:*:windows:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:autonomy:keyview_export_sdk:9.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.0.24:*:appliance:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:fp2:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.1.200:*:smtp:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:fp1:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:autonomy:keyview_viewer_sdk:9.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:brightmail:5.0:*:appliance:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:autonomy:keyview_export_sdk:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-08T01:32Z"}

9.3 /10