CVE-2008-1101

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Notes; Keyview
Vendor: CVE Published:; 10 April 2008

Summary

Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document.

References

http://secunia.com/advisories/28140

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/28209

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/41725

vdb-entryx_refsource_XF

EPSS Score

31% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 10, 2008
Vulnerability Reserved
Feb 29, 2008