Buffer overflow in Autonomy Keyview_export_sdk

CVE-2010-0135

Heap-based buffer overflow in the WordPerfect 5.x reader (wosr.dll), as used in Autonomy KeyView 10.4 and 10.9 and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to "data blocks."

Vulnerability class: Buffer Overflow

EPSS: 0.040 (89.1th percentile) — read the EPSS interpretation.

Affected products

Autonomy Keyview_export_sdk — versions 10.9, 10.4
Autonomy Keyview_filter_sdk — versions 10.9, 10.4
Autonomy Keyview_viewer_sdk — versions 10.9, 10.4
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

PSIRT-CNA@flexerasoftware.com (x_refsource_CONFIRM)
PSIRT-CNA@flexerasoftware.com (vdb-entry, x_refsource_BID)
PSIRT-CNA@flexerasoftware.com (x_refsource_MISC, Vendor Advisory)
PSIRT-CNA@flexerasoftware.com (x_refsource_CONFIRM)