4 results (0.009 seconds)

CVSS: 9.3EPSS: 92%CPEs: 67EXPL: 0

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file. Desbordamiento de búfer basado en pila en wp6sr.dll en el Autonomy KeyView SDK 10.4 y anteriores, como es usado en IBM Lotus Notes, productos Symantec Mail Security (SMS), productos Symantec BrightMail Appliance y productos Symantec Data Loss Prevention (DLP) permite a atacantes remotos ejecutar código de su elección mediante un fichero Word Perfect Document (WPD) manipulado. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774 http://osvdb.org/52713 http://secunia.com/advisories/34303 http://secunia.com/advisories/34307 http://secunia.com/advisories/34318 http://secunia.com/advisories/34355 http://securitytracker.com/id?1021856 http://securitytracker.com/id?1021857 http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573 http://www.kb.cert.org/vuls/id/276563 http://www.securityfocus.com/bid/34086 http://www.se • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 1%CPEs: 3EXPL: 0

Heap-based buffer overflow in emlsr.dll before 2.0.0.4 in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK allows remote attackers to execute arbitrary code via a long Content-Type header line in an EML file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Desbordamiento de búfer basado en montículo en emlsr.dll anterior a 2.0.0.4 de Autonomy (antiguamente Verity) KeyView Viewer, Filter, y Export SDK permite a atacantes remotos ejecutar código de su elección mediante una línea de cabecera Content-Type larga en un fichero EML. NOTA: la procedencia de esta información es desconocida; los detalles se han obtenido de información de terceros. • http://secunia.com/advisories/27304 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 4%CPEs: 11EXPL: 0

Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file. Desbordamiento de búfer basado en pila en el Autonomy (antiguamente Verity) KeyView Viewer, en el Filter y en el Export SDK anterior al 9.2.0.12, como el utilizado en el ActivePDF DocConverter, en el wp6sr.dll del IBM Lotus Notes 8.0 y anteriores al 7.0.3, en el Symantec Mail Security y en otros productos, permite a atacantes remotos ejecutar código de su elección a través de un fichero modificado de WordPerfect (WPD). • http://secunia.com/advisories/27304 http://securityreason.com/securityalert/3357 http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html http://securitytracker.com/id?1018853 http://securitytracker.com/id?1018886 http://vuln.sg/lotusnotes702-en.html http://vuln.sg/lotusnotes702wpd-en.html http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111 http://www.securityfocus.com/archive/1/482664 http://www.securityfocus.com/bid/26175 http://www.vupen.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 88%CPEs: 11EXPL: 0

Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910. Múltiples desbordamientos de búfer basados en pila en el Autonomy (antiguamente Verity) KeyView Viewer, en el Filter y en el Export SDK anterior al 9.2.0.12, como el utilizado en el ActivePDF DocConverter, en el IBM Lotus Notes anterior al 7.0.3, en el Symantec Mail Security y en otros productos, permiten a atacantes remotos ejecutar código de su elección a través de modificaciones en (1) el fichero AG del kpagrdr.dll, (2) en el fichero AW del awsr.dll, (3) en el fichero DLL o el (4) EXE del exesr.dll, (5) en el fichero DOC del mwsr.dll, (6) en el fichero MIF del mifsr.dll, (7) en el fichero SAM del lasr.dll o (8) en el fichero RTF del rtfsr.dll. NOTA: el vector WPD (wp6sr.dll) se trata en la vulnerabilidad CVE-2007-5910. Several vulnerabilities exist in the popular Verity KeyView SDK used in many enterprise applications like IBM Lotus Notes. • http://secunia.com/advisories/27304 http://securityreason.com/securityalert/3357 http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html http://securitytracker.com/id?1018853 http://securitytracker.com/id?1018886 http://vuln.sg/lotusnotes702-en.html http://vuln.sg/lotusnotes702doc-en.html http://vuln.sg/lotusnotes702mif-en.html http://vuln.sg/lotusnotes702sam-en.html http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111 http://www-1.ibm.com/suppor • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •