Buffer Overflow in KeyView Document Viewing Engine Used by IBM Lotus Notes
CVE-2008-1101

Currently unrated

Key Information:

Vendor

IBM
Status
Lotus Notes
Keyview
Vendor
CVE Published:
10 April 2008

What is CVE-2008-1101?

A buffer overflow vulnerability exists in the kvdocve.dll component of the KeyView document viewing engine, which is utilized in IBM Lotus Notes versions 7.0.2 and 7.0.3. This flaw can be exploited by remote attackers to execute arbitrary code on the affected system. This is accomplished through the use of excessive pathname lengths, particularly demonstrated by the SRC attribute of an IMG tag within an HTML document. Proper safeguards and updates should be implemented to mitigate potential risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/28140
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28209
third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/41725
vdb-entryx_refsource_XF

EPSS Score

23% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.