Skip to main content

Autonomy Keyview Multiple Vulnerabilities

Last Update Date: 10 Oct 2011 12:26 Release Date: 10 Oct 2011 6163 Views

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities have been identified in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system.

  1. An integer overflow error in jtdsr.dll when parsing QLST chunks within Ichitaro documents can be exploited to cause a heap-based buffer overflow.
  2. A boundary error in jtdsr.dll when parsing Ichitaro documents with a chunk containing "Text" data blocks can be exploited to cause a heap-based buffer overflow.
  3. A logic error in jtdsr.dll when reconstructing text data from multiple data blocks in an Ichitaro document can be exploited to cause a heap-based buffer overflow.
Successful exploitation of the vulnerabilities allows execution of arbitrary code.

Impact

  • Remote Code Execution

System / Technologies affected

  • Autonomy KeyView Filter SDK 10.x
  • Autonomy KeyView Export SDK 10.x
  • Autonomy KeyView Viewing SDK 10.x
  • IBM Lotus Notes 8.x
  • Symantec Data Loss Prevention Endpoint Agents 10.x
  • Symantec Data Loss Prevention Endpoint Agents 11.x
  • Symantec Data Loss Prevention Enforce/Detection Servers for Windows 10.x
  • Symantec Data Loss Prevention Enforce/Detection Servers for Windows 11.x
  • Symantec Mail Security for Domino 7.x
  • Symantec Mail Security for Domino 8.x
  • Symantec Mail Security for Microsoft Exchange 6.x
  • Verity KeyView Export SDK 7.x
  • Verity KeyView Export SDK 9.x
  • Verity KeyView Filter SDK 7.x
  • Verity KeyView Filter SDK 9.x
  • Verity KeyView Viewer SDK 7.x
  • Verity KeyView Viewer SDK 9.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to fixed version.

Vulnerability Identifier


Source


Related Link