CVE-2008-4564
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.
Desbordamiento de búfer basado en pila en wp6sr.dll en el Autonomy KeyView SDK 10.4 y anteriores, como es usado en IBM Lotus Notes, productos Symantec Mail Security (SMS), productos Symantec BrightMail Appliance y productos Symantec Data Loss Prevention (DLP) permite a atacantes remotos ejecutar código de su elección mediante un fichero Word Perfect Document (WPD) manipulado.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-10-14 CVE Reserved
- 2009-03-18 CVE Published
- 2024-06-11 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (18)
| URL | Tag | Source |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774 | Third Party Advisory | |
| http://osvdb.org/52713 | Vdb Entry | |
| http://secunia.com/advisories/34303 | Third Party Advisory | |
| http://secunia.com/advisories/34318 | Third Party Advisory | |
| http://secunia.com/advisories/34355 | Third Party Advisory | |
| http://securitytracker.com/id?1021856 | Vdb Entry | |
| http://securitytracker.com/id?1021857 | Vdb Entry | |
| http://www.kb.cert.org/vuls/id/276563 | Third Party Advisory |
|
| http://www.securityfocus.com/bid/34086 | Vdb Entry | |
| http://www.securitytracker.com/id?1021859 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2009/0756 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2009/0757 | Vdb Entry | |
| https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/49284 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/34307 | 2017-08-08 | |
| http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573 | 2017-08-08 | |
| http://www.symantec.com/avcenter/security/Content/2009.03.17a.html | 2017-08-08 | |
| http://www.vupen.com/english/advisories/2009/0744 | 2017-08-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Autonomy Search vendor "Autonomy" | Keyview Export Sdk Search vendor "Autonomy" for product "Keyview Export Sdk" | <= 10.4 Search vendor "Autonomy" for product "Keyview Export Sdk" and version " <= 10.4" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Export Sdk Search vendor "Autonomy" for product "Keyview Export Sdk" | 2.0 Search vendor "Autonomy" for product "Keyview Export Sdk" and version "2.0" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Export Sdk Search vendor "Autonomy" for product "Keyview Export Sdk" | 9.2.0 Search vendor "Autonomy" for product "Keyview Export Sdk" and version "9.2.0" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Export Sdk Search vendor "Autonomy" for product "Keyview Export Sdk" | 10 Search vendor "Autonomy" for product "Keyview Export Sdk" and version "10" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Export Sdk Search vendor "Autonomy" for product "Keyview Export Sdk" | 10.3 Search vendor "Autonomy" for product "Keyview Export Sdk" and version "10.3" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Filter Sdk Search vendor "Autonomy" for product "Keyview Filter Sdk" | <= 10.4 Search vendor "Autonomy" for product "Keyview Filter Sdk" and version " <= 10.4" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Filter Sdk Search vendor "Autonomy" for product "Keyview Filter Sdk" | 2.0 Search vendor "Autonomy" for product "Keyview Filter Sdk" and version "2.0" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Filter Sdk Search vendor "Autonomy" for product "Keyview Filter Sdk" | 9.2.0 Search vendor "Autonomy" for product "Keyview Filter Sdk" and version "9.2.0" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Filter Sdk Search vendor "Autonomy" for product "Keyview Filter Sdk" | 10 Search vendor "Autonomy" for product "Keyview Filter Sdk" and version "10" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Filter Sdk Search vendor "Autonomy" for product "Keyview Filter Sdk" | 10.3 Search vendor "Autonomy" for product "Keyview Filter Sdk" and version "10.3" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Viewer Sdk Search vendor "Autonomy" for product "Keyview Viewer Sdk" | <= 10.4 Search vendor "Autonomy" for product "Keyview Viewer Sdk" and version " <= 10.4" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Viewer Sdk Search vendor "Autonomy" for product "Keyview Viewer Sdk" | 2.0 Search vendor "Autonomy" for product "Keyview Viewer Sdk" and version "2.0" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Viewer Sdk Search vendor "Autonomy" for product "Keyview Viewer Sdk" | 9.2.0 Search vendor "Autonomy" for product "Keyview Viewer Sdk" and version "9.2.0" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Viewer Sdk Search vendor "Autonomy" for product "Keyview Viewer Sdk" | 10 Search vendor "Autonomy" for product "Keyview Viewer Sdk" and version "10" | - |
Affected
| ||||||
| Autonomy Search vendor "Autonomy" | Keyview Viewer Sdk Search vendor "Autonomy" for product "Keyview Viewer Sdk" | 10.3 Search vendor "Autonomy" for product "Keyview Viewer Sdk" and version "10.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 5.0.3 Search vendor "Ibm" for product "Lotus Notes" and version "5.0.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 5.0.12 Search vendor "Ibm" for product "Lotus Notes" and version "5.0.12" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.0 Search vendor "Ibm" for product "Lotus Notes" and version "6.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.0.1 Search vendor "Ibm" for product "Lotus Notes" and version "6.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.0.2 Search vendor "Ibm" for product "Lotus Notes" and version "6.0.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.0.3 Search vendor "Ibm" for product "Lotus Notes" and version "6.0.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.0.4 Search vendor "Ibm" for product "Lotus Notes" and version "6.0.4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.0.5 Search vendor "Ibm" for product "Lotus Notes" and version "6.0.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5 Search vendor "Ibm" for product "Lotus Notes" and version "6.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.1 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.2 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.3 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.4 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.5 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.5 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.5" | fp2 |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.5 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.5" | fp3 |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.6 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.6" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5.6 Search vendor "Ibm" for product "Lotus Notes" and version "6.5.6" | fp2 |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 7.0 Search vendor "Ibm" for product "Lotus Notes" and version "7.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 7.0.1 Search vendor "Ibm" for product "Lotus Notes" and version "7.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 7.0.2 Search vendor "Ibm" for product "Lotus Notes" and version "7.0.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 7.0.2 Search vendor "Ibm" for product "Lotus Notes" and version "7.0.2" | fp1 |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 7.0.3 Search vendor "Ibm" for product "Lotus Notes" and version "7.0.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 8.0 Search vendor "Ibm" for product "Lotus Notes" and version "8.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Altiris Deployment Solution Search vendor "Symantec" for product "Altiris Deployment Solution" | * | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Brightmail Search vendor "Symantec" for product "Brightmail" | 5.0 Search vendor "Symantec" for product "Brightmail" and version "5.0" | appliance |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Data Loss Prevention Detection Servers Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" | 7.0 Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" and version "7.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Data Loss Prevention Detection Servers Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" | 8.0 Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" and version "8.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Data Loss Prevention Detection Servers Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" | 8.1 Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" and version "8.1" | linux |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Data Loss Prevention Detection Servers Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" | 8.1 Search vendor "Symantec" for product "Data Loss Prevention Detection Servers" and version "8.1" | windows |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Data Loss Prevention Endpoint Agents Search vendor "Symantec" for product "Data Loss Prevention Endpoint Agents" | 8.0 Search vendor "Symantec" for product "Data Loss Prevention Endpoint Agents" and version "8.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Data Loss Prevention Endpoint Agents Search vendor "Symantec" for product "Data Loss Prevention Endpoint Agents" | 8.1 Search vendor "Symantec" for product "Data Loss Prevention Endpoint Agents" and version "8.1" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Enforce Search vendor "Symantec" for product "Enforce" | 7.0 Search vendor "Symantec" for product "Enforce" and version "7.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Enforce Search vendor "Symantec" for product "Enforce" | 8.0 Search vendor "Symantec" for product "Enforce" and version "8.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Enforce Search vendor "Symantec" for product "Enforce" | 8.1 Search vendor "Symantec" for product "Enforce" and version "8.1" | linux |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Enforce Search vendor "Symantec" for product "Enforce" | 8.1 Search vendor "Symantec" for product "Enforce" and version "8.1" | windows |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0 Search vendor "Symantec" for product "Mail Security" and version "5.0" | appliance |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.0 Search vendor "Symantec" for product "Mail Security" and version "5.0.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.0 Search vendor "Symantec" for product "Mail Security" and version "5.0.0" | smtp |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.0.24 Search vendor "Symantec" for product "Mail Security" and version "5.0.0.24" | appliance |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.1 Search vendor "Symantec" for product "Mail Security" and version "5.0.1" | smtp |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.1.181 Search vendor "Symantec" for product "Mail Security" and version "5.0.1.181" | smtp |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.1.182 Search vendor "Symantec" for product "Mail Security" and version "5.0.1.182" | smtp |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.1.189 Search vendor "Symantec" for product "Mail Security" and version "5.0.1.189" | smtp |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.1.200 Search vendor "Symantec" for product "Mail Security" and version "5.0.1.200" | smtp |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.10 Search vendor "Symantec" for product "Mail Security" and version "5.0.10" | microsoft_exchange |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 5.0.11 Search vendor "Symantec" for product "Mail Security" and version "5.0.11" | microsoft_exchange |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 6.0.6 Search vendor "Symantec" for product "Mail Security" and version "6.0.6" | microsoft_exchange |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 6.0.7 Search vendor "Symantec" for product "Mail Security" and version "6.0.7" | microsoft_exchange |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 7.5..4.29 Search vendor "Symantec" for product "Mail Security" and version "7.5..4.29" | domino |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 7.5.3.25 Search vendor "Symantec" for product "Mail Security" and version "7.5.3.25" | domino |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Mail Security Search vendor "Symantec" for product "Mail Security" | 7.5.5.32 Search vendor "Symantec" for product "Mail Security" and version "7.5.5.32" | domino |
Affected
| ||||||