GCVE - cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Autonomy (`4dbfff08-c261-5d74-b3cf-569764d60a7c`)
Product	Keyview Viewer Sdk (`029c0168-2947-5355-87df-09044547cf76`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2008-4564`	vulnerable	2026-06-08 04:50:39.361763	Details available Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file. Published: 2009-03-18T15:00:00.000Z Updated: 2024-08-07T10:24:18.984Z Open on db.gcve.eu Reference links http://www.symantec.com/avcenter/security/Content/2009.03.17a.html http://www.vupen.com/english/advisories/2009/0744 http://secunia.com/advisories/34303 http://www.securitytracker.com/id?1021859 http://secunia.com/advisories/34307	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-6008`	vulnerable	2026-06-08 04:50:07.462438	Details available Heap-based buffer overflow in emlsr.dll before 2.0.0.4 in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK allows remote attackers to execute arbitrary code via a long Content-Type header line in an EML file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Published: 2007-11-15T22:00:00.000Z Updated: 2024-09-16T17:47:47.596Z Open on db.gcve.eu Reference links http://secunia.com/advisories/27304	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-5910`	vulnerable	2026-06-08 04:50:07.238228	Details available Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file. Published: 2007-11-10T02:00:00.000Z Updated: 2024-08-07T15:47:00.587Z Open on db.gcve.eu Reference links http://vuln.sg/lotusnotes702wpd-en.html http://securityreason.com/securityalert/3357 http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111 http://securitytracker.com/id?1018853 http://www.securityfocus.com/archive/1/482664	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-5909`	vulnerable	2026-06-08 04:50:07.235647	Details available Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910. Published: 2007-11-10T02:00:00.000Z Updated: 2024-08-07T15:47:00.550Z Open on db.gcve.eu Reference links http://securityreason.com/securityalert/3357 http://www.zerodayinitiative.com/advisories/ZDI-07-059.html http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111 http://securitytracker.com/id?1018853 http://www.securityfocus.com/archive/1/482664	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-2619`	vulnerable	2026-06-08 04:48:29.852587	Details available Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a .. (dot dot) in the filename, which is not properly handled when generating a preview. Published: 2006-02-15T00:00:00.000Z Updated: 2024-08-07T22:30:01.806Z Open on db.gcve.eu Reference links http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918 http://www.vupen.com/english/advisories/2006/0500 http://www.osvdb.org/23066 http://www.securityfocus.com/archive/1/424717/100/0/threaded http://securitytracker.com/id?1015657	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-2618`	vulnerable	2026-06-08 04:48:29.849386	Details available Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll). Published: 2006-02-15T00:00:00.000Z Updated: 2024-08-07T22:30:02.167Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/24635 http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918 http://secunia.com/secunia_research/2005-34/advisory/ http://www.osvdb.org/23067 https://exchange.xforce.ibmcloud.com/vulnerabilities/24636	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.