CVE-2008-4564
iDEFENSE Security Advisory 2009-03-17.1
Severity Score
7.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.
Desbordamiento de búfer basado en pila en wp6sr.dll en el Autonomy KeyView SDK 10.4 y anteriores, como es usado en IBM Lotus Notes, productos Symantec Mail Security (SMS), productos Symantec BrightMail Appliance y productos Symantec Data Loss Prevention (DLP) permite a atacantes remotos ejecutar código de su elección mediante un fichero Word Perfect Document (WPD) manipulado.
Remote exploitation of a stack-based buffer overflow in Autonomy Inc's KeyView SDK allows attackers to execute arbitrary code with the privileges of the current user. This vulnerability exists within the "wp6sr.dll" which implements the processing of Word Perfect Documents. When processing certain records, data is copied from the file into a fixed-size stack buffer without ensuring that enough space is available. By overflowing the buffer, an attacker can overwrite control flow structures stored on the stack. iDefense confirmed that this vulnerability exists within Lotus Notes 8 installed on a Windows XP SP3 machine. All applications which utilize the Autonomy KeyView SDK to process Word Perfect Documents are suspected to be vulnerable.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-10-14 CVE Reserved
- 2009-03-18 CVE Published
- 2024-08-07 CVE Updated
- 2025-04-27 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (18)
| URL | Tag | Source |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774 | Third Party Advisory | |
| http://osvdb.org/52713 | Vdb Entry | |
| http://secunia.com/advisories/34303 | Third Party Advisory | |
| http://secunia.com/advisories/34318 | Third Party Advisory | |
| http://secunia.com/advisories/34355 | Third Party Advisory | |
| http://securitytracker.com/id?1021856 | Vdb Entry | |
| http://securitytracker.com/id?1021857 | Vdb Entry | |
| http://www.kb.cert.org/vuls/id/276563 | Third Party Advisory |
|
| http://www.securityfocus.com/bid/34086 | Vdb Entry | |
| http://www.securitytracker.com/id?1021859 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2009/0756 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2009/0757 | Vdb Entry | |
| https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/49284 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/34307 | 2017-08-08 | |
| http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573 | 2017-08-08 | |
| http://www.symantec.com/avcenter/security/Content/2009.03.17a.html | 2017-08-08 | |
| http://www.vupen.com/english/advisories/2009/0744 | 2017-08-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Autonomy Search vendor "Autonomy" | Keyview Export Sdk Search vendor "Autonomy" for product "Keyview Export Sdk" | <= 10.4 Search vendor "Autonomy" for product "Keyview Export Sdk" and version " <= 10.4" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Export Sdk Search vendor "Autonomy" for product "Keyview Export Sdk" | 2.0 Search vendor "Autonomy" for product "Keyview Export Sdk" and version "2.0" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Export Sdk Search vendor "Autonomy" for product "Keyview Export Sdk" | 9.2.0 Search vendor "Autonomy" for product "Keyview Export Sdk" and version "9.2.0" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Export Sdk Search vendor "Autonomy" for product "Keyview Export Sdk" | 10 Search vendor "Autonomy" for product "Keyview Export Sdk" and version "10" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Export Sdk Search vendor "Autonomy" for product "Keyview Export Sdk" | 10.3 Search vendor "Autonomy" for product "Keyview Export Sdk" and version "10.3" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Filter Sdk Search vendor "Autonomy" for product "Keyview Filter Sdk" | <= 10.4 Search vendor "Autonomy" for product "Keyview Filter Sdk" and version " <= 10.4" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Filter Sdk Search vendor "Autonomy" for product "Keyview Filter Sdk" | 2.0 Search vendor "Autonomy" for product "Keyview Filter Sdk" and version "2.0" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Filter Sdk Search vendor "Autonomy" for product "Keyview Filter Sdk" | 9.2.0 Search vendor "Autonomy" for product "Keyview Filter Sdk" and version "9.2.0" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Filter Sdk Search vendor "Autonomy" for product "Keyview Filter Sdk" | 10 Search vendor "Autonomy" for product "Keyview Filter Sdk" and version "10" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Filter Sdk Search vendor "Autonomy" for product "Keyview Filter Sdk" | 10.3 Search vendor "Autonomy" for product "Keyview Filter Sdk" and version "10.3" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Viewer Sdk Search vendor "Autonomy" for product "Keyview Viewer Sdk" | <= 10.4 Search vendor "Autonomy" for product "Keyview Viewer Sdk" and version " <= 10.4" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Viewer Sdk Search vendor "Autonomy" for product "Keyview Viewer Sdk" | 2.0 Search vendor "Autonomy" for product "Keyview Viewer Sdk" and version "2.0" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Viewer Sdk Search vendor "Autonomy" for product "Keyview Viewer Sdk" | 9.2.0 Search vendor "Autonomy" for product "Keyview Viewer Sdk" and version "9.2.0" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Viewer Sdk Search vendor "Autonomy" for product "Keyview Viewer Sdk" | 10 Search vendor "Autonomy" for product "Keyview Viewer Sdk" and version "10" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Viewer Sdk Search vendor "Autonomy" for product "Keyview Viewer Sdk" | 10.3 Search vendor "Autonomy" for product "Keyview Viewer Sdk" and version "10.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 5.0.3 Search vendor "Ibm" for product "Lotus Notes" and version "5.0.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 5.0.12 Search vendor "Ibm" for product "Lotus Notes" and version "5.0.12" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.0 Search vendor "Ibm" for product "Lotus Notes" and version "6.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.0.1 Search vendor "Ibm" for product "Lotus Notes" and version "6.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.0.2 Search vendor "Ibm" for product "Lotus Notes" and version "6.0.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.0.3 Search vendor "Ibm" for product "Lotus Notes" and version "6.0.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.0.4 Search vendor "Ibm" for product "Lotus Notes" and version "6.0.4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.0.5 Search vendor "Ibm" for product "Lotus Notes" and version "6.0.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5 Search vendor "Ibm" for product "Lotus Notes" and version "6.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.1 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.2 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.3 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.4 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.5 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.5 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.5" | fp2 |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.5 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.5" | fp3 |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.6 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.6" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.6 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.6" | fp2 |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 7.0 Search vendor "Ibm" for product "Lotus Notes" and version "7.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 7.0.1 Search vendor "Ibm" for product "Lotus Notes" and version "7.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 7.0.2 Search vendor "Ibm" for product "Lotus Notes" and version "7.0.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 7.0.2 Search vendor "Ibm" for product "Lotus Notes" and version "7.0.2" | fp1 |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 7.0.3 Search vendor "Ibm" for product "Lotus Notes" and version "7.0.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 8.0 Search vendor "Ibm" for product "Lotus Notes" and version "8.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Altiris Deployment Solution Search vendor "Symantec" for product "Altiris Deployment Solution" | * | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Brightmail Search vendor "Symantec" for product "Brightmail" | 5.0 Search vendor "Symantec" for product "Brightmail" and version "5.0" | appliance |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Data Loss Prevention Detection Servers Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" | 7.0 Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" and version "7.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Data Loss Prevention Detection Servers Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" | 8.0 Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" and version "8.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Data Loss Prevention Detection Servers Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" | 8.1 Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" and version "8.1" | linux |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Data Loss Prevention Detection Servers Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" | 8.1 Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" and version "8.1" | windows |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Data Loss Prevention Endpoint Agents Search vendor "Symantec" for product "Data Loss Prevention Endpoint Agents" | 8.0 Search vendor "Symantec" for product "Data Loss Prevention Endpoint Agents" and version "8.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Data Loss Prevention Endpoint Agents Search vendor "Symantec" for product "Data Loss Prevention Endpoint Agents" | 8.1 Search vendor "Symantec" for product "Data Loss Prevention Endpoint Agents" and version "8.1" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Enforce Search vendor "Symantec" for product "Enforce" | 7.0 Search vendor "Symantec" for product "Enforce" and version "7.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Enforce Search vendor "Symantec" for product "Enforce" | 8.0 Search vendor "Symantec" for product "Enforce" and version "8.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Enforce Search vendor "Symantec" for product "Enforce" | 8.1 Search vendor "Symantec" for product "Enforce" and version "8.1" | linux |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Enforce Search vendor "Symantec" for product "Enforce" | 8.1 Search vendor "Symantec" for product "Enforce" and version "8.1" | windows |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0 Search vendor "Symantec" for product "Mail Security" and version "5.0" | appliance |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.0 Search vendor "Symantec" for product "Mail Security" and version "5.0.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.0 Search vendor "Symantec" for product "Mail Security" and version "5.0.0" | smtp |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.0.24 Search vendor "Symantec" for product "Mail Security" and version "5.0.0.24" | appliance |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.1 Search vendor "Symantec" for product "Mail Security" and version "5.0.1" | smtp |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.1.181 Search vendor "Symantec" for product "Mail Security" and version "5.0.1.181" | smtp |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.1.182 Search vendor "Symantec" for product "Mail Security" and version "5.0.1.182" | smtp |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.1.189 Search vendor "Symantec" for product "Mail Security" and version "5.0.1.189" | smtp |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.1.200 Search vendor "Symantec" for product "Mail Security" and version "5.0.1.200" | smtp |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.10 Search vendor "Symantec" for product "Mail Security" and version "5.0.10" | microsoft_exchange |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.11 Search vendor "Symantec" for product "Mail Security" and version "5.0.11" | microsoft_exchange |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 6.0.6 Search vendor "Symantec" for product "Mail Security" and version "6.0.6" | microsoft_exchange |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 6.0.7 Search vendor "Symantec" for product "Mail Security" and version "6.0.7" | microsoft_exchange |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 7.5..4.29 Search vendor "Symantec" for product "Mail Security" and version "7.5..4.29" | domino |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 7.5.3.25 Search vendor "Symantec" for product "Mail Security" and version "7.5.3.25" | domino |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 7.5.5.32 Search vendor "Symantec" for product "Mail Security" and version "7.5.5.32" | domino |
Affected
| ||||||