Memory Corruption Vulnerabilities in Autonomy KeyView IDOL Used by Symantec and IBM Products
CVE-2012-6277

7.8HIGH

Key Information:

Vendor

IBM
Status
Autonomy Keyview Idol
Vendor
CVE Published:
21 February 2020

What is CVE-2012-6277?

Multiple vulnerabilities in Autonomy KeyView IDOL prior to version 10.16 can be exploited by remote attackers through specially crafted files. This could lead to memory corruption, allowing attackers to execute arbitrary code on systems running affected Symantec and IBM products. Specific instances of these vulnerabilities have been linked to weaknesses in the processing of attacker-controlled input, posing significant risks to data integrity and system stability.

Affected Version(s)

Autonomy KeyView IDOL before 10.16

References

https://support.symantec.com/us/en/article.symsa1262.html
x_refsource_MISC
https://www.ibm.com/blogs/psirt/security-bulletin-securit...
x_refsource_MISC
https://www.kb.cert.org/vuls/id/849841/
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.