Lucene search

FlexeraCVE-2010-0131

HistoryAug 17, 2010 - 8:00 p.m.

CVE-2010-0131

2010-08-1720:00:02

CWE-119

flexera

web.nvd.nist.gov

cve-2010-0131

buffer overflow

lotus 123

wkssr.dll

autonomy keyview

symantec mail security

nvd

security vulnerability

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.4

Confidence

Low

EPSS

0.026

Percentile

90.3%

JSON

Stack-based buffer overflow in the SpreadSheet Lotus 123 reader (wkssr.dll), as used in Autonomy KeyView 10.4 and 10.9, Symantec Mail Security, and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to floating point conversion in unknown record types.

Affected configurations

Nvd

Node

autonomykeyview_export_sdkMatch10.4

autonomykeyview_export_sdkMatch10.9

autonomykeyview_filter_sdkMatch10.4

autonomykeyview_filter_sdkMatch10.9

autonomykeyview_viewer_sdkMatch10.4

autonomykeyview_viewer_sdkMatch10.9

symantecmail_security

VendorProductVersionCPE
autonomykeyview_export_sdk10.4cpe:2.3:a:autonomy:keyview_export_sdk:10.4:*:*:*:*:*:*:*
autonomykeyview_export_sdk10.9cpe:2.3:a:autonomy:keyview_export_sdk:10.9:*:*:*:*:*:*:*
autonomykeyview_filter_sdk10.4cpe:2.3:a:autonomy:keyview_filter_sdk:10.4:*:*:*:*:*:*:*
autonomykeyview_filter_sdk10.9cpe:2.3:a:autonomy:keyview_filter_sdk:10.9:*:*:*:*:*:*:*
autonomykeyview_viewer_sdk10.4cpe:2.3:a:autonomy:keyview_viewer_sdk:10.4:*:*:*:*:*:*:*
autonomykeyview_viewer_sdk10.9cpe:2.3:a:autonomy:keyview_viewer_sdk:10.9:*:*:*:*:*:*:*
symantecmail_security*cpe:2.3:a:symantec:mail_security:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
autonomy	keyview_export_sdk	10.4	cpe:2.3:a:autonomy:keyview_export_sdk:10.4:::::::*
autonomy	keyview_export_sdk	10.9	cpe:2.3:a:autonomy:keyview_export_sdk:10.9:::::::*
autonomy	keyview_filter_sdk	10.4	cpe:2.3:a:autonomy:keyview_filter_sdk:10.4:::::::*
autonomy	keyview_filter_sdk	10.9	cpe:2.3:a:autonomy:keyview_filter_sdk:10.9:::::::*
autonomy	keyview_viewer_sdk	10.4	cpe:2.3:a:autonomy:keyview_viewer_sdk:10.4:::::::*
autonomy	keyview_viewer_sdk	10.9	cpe:2.3:a:autonomy:keyview_viewer_sdk:10.9:::::::*
symantec	mail_security	*	cpe:2.3:a:symantec:mail_security::::::::

References

secunia.com/secunia_research/2010-23/

secunia.com/secunia_research/2010-25/

www-01.ibm.com/support/docview.wss?uid=swg21440812

www.securityfocus.com/bid/41928

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100727_01

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.4

Confidence

Low

EPSS

0.026

Percentile

90.3%

JSON

Related for CVE-2010-0131