Buffer overflow in Autonomy Keyview_export_sdk

CVE-2010-0126

Heap-based buffer overflow in an unspecified library in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via a crafted compound file, as demonstrated u…

Vulnerability class: Buffer Overflow

EPSS: 0.040 (89.1th percentile) — read the EPSS interpretation.

Affected products

Autonomy Keyview_export_sdk — versions 10.9, 10.4
Autonomy Keyview_filter_sdk — versions 10.9, 10.4
Autonomy Keyview_viewer_sdk — versions 10.9, 10.4
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

PSIRT-CNA@flexerasoftware.com (x_refsource_CONFIRM)
PSIRT-CNA@flexerasoftware.com (x_refsource_MISC, Vendor Advisory)
PSIRT-CNA@flexerasoftware.com (vdb-entry, x_refsource_BID)
PSIRT-CNA@flexerasoftware.com (x_refsource_CONFIRM)