Stack-based Buffer Overflow in Autonomy KeyView SDK Affects IBM Lotus Notes and Symantec Products
CVE-2008-4564

Currently unrated

Key Information:

Vendor: Symantec
Status: Data Loss Prevention Detection Servers; Keyview Filter Sdk; Lotus Notes; Mail Security
Vendor: CVE Published:; 18 March 2009

What is CVE-2008-4564?

The Autonomy KeyView SDK version 10.4 and earlier contains a stack-based buffer overflow in the wp6sr.dll component. This vulnerability is exploitable through specially crafted Word Perfect Document (WPD) files, leading to potential remote code execution on affected systems. It impacts various products including IBM Lotus Notes and several Symantec security solutions, posing a significant risk to affected users.

References

http://www.symantec.com/avcenter/security/Content/2009.03...

x_refsource_CONFIRM

http://www.vupen.com/english/advisories/2009/0744

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/34303

third-party-advisoryx_refsource_SECUNIA

EPSS Score

54% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 18, 2009
Vulnerability Reserved
Oct 14, 2008