Buffer overflow in Autonomy Keyview_idol

CVE-2012-6349

Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W.

Vulnerability class: Buffer Overflow

EPSS: 0.063 (91.1th percentile) — read the EPSS interpretation.

Affected products

Autonomy Keyview_idol
Ibm Lotus_notes — versions 8.5, 8.5.0.0, 8.5.0.1
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)