Buffer overflow in Autonomy Keyview

CVE-2011-1218

Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP. NOTE: some of these details are obtained…

Vulnerability class: Buffer Overflow

EPSS: 0.085 (92.5th percentile) — read the EPSS interpretation.

Affected products

Autonomy Keyview
Ibm Lotus_notes — versions 3.0, 3.0.0.1, 3.0.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (x_refsource_CONFIRM)
47962 (vdb-entry, x_refsource_BID)
44624 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
oval:org.mitre.oval:def:14238 (x_refsource_OVAL, signature, vdb-entry)
lotus-notes-kvarcve-bo(67625) (vdb-entry, x_refsource_XF)