Vulnerability in Autonomy Keyview_export_sdk

CVE-2010-0134

Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via a crafted \ls keyword in a list override table entry in a…

EPSS: 0.040 (89.1th percentile) — read the EPSS interpretation.

Affected products

Autonomy Keyview_export_sdk — versions 10.9, 10.4
Autonomy Keyview_filter_sdk — versions 10.9, 10.4
Autonomy Keyview_viewer_sdk — versions 10.9, 10.4
N/a — versions n/a

Weakness classification (CWE)

CWE-189

References

PSIRT-CNA@flexerasoftware.com (x_refsource_CONFIRM)
PSIRT-CNA@flexerasoftware.com (vdb-entry, x_refsource_BID)
PSIRT-CNA@flexerasoftware.com (x_refsource_CONFIRM)
PSIRT-CNA@flexerasoftware.com (x_refsource_MISC, Vendor Advisory)