CVE-2008-1101 - OpenCVE

Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Autonomy	Keyview
Ibm	Lotus Notes

Configuration 1 [-]

OR	cpe:2.3:a:autonomy:keyview:2.0.0.2:::::::*
	cpe:2.3:a:autonomy:keyview:10.3.0.0:::::::*
	cpe:2.3:a:ibm:lotus_notes:6.0:::::::*
	cpe:2.3:a:ibm:lotus_notes:6.5:::::::*
	cpe:2.3:a:ibm:lotus_notes:7.0:::::::*
	cpe:2.3:a:ibm:lotus_notes:7.0.2:::::::*
	cpe:2.3:a:ibm:lotus_notes:7.0.3:::::::*

References

Link	Resource
http://secunia.com/advisories/28140	Vendor Advisory
http://secunia.com/advisories/28209	Vendor Advisory
http://secunia.com/advisories/28210	Vendor Advisory
http://secunia.com/secunia_research/2008-12/advisory/	Vendor Advisory
http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453
http://www.securityfocus.com/archive/1/490826/100/0/threaded
http://www.securityfocus.com/bid/28454
http://www.vupen.com/english/advisories/2008/1153
http://www.vupen.com/english/advisories/2008/1156
https://exchange.xforce.ibmcloud.com/vulnerabilities/41725

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: flexera

Published: 2008-04-10T18:00:00

Updated: 2018-10-11T19:57:01

Reserved: 2008-02-29T00:00:00

Link: CVE-2008-1101

JSON object: View

NVD Information

Status : Modified

Published: 2008-04-10T18:05:00.000

Modified: 2018-10-11T20:29:29.850

Link: CVE-2008-1101

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-04-08T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera"}, "references": [{"name": "28140", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28140"}, {"name": "28209", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28209"}, {"name": "autonomy-keyview-kvdocve-bo(41725)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41725"}, {"name": "ADV-2008-1156", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1156"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453"}, {"name": "28454", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/28454"}, {"name": "28210", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28210"}, {"tags": ["x_refsource_MISC"], "url": "http://secunia.com/secunia_research/2008-12/advisory/"}, {"name": "20080414 Secunia Research: Lotus Notes kvdocve.dll Path Processing BufferOverflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/490826/100/0/threaded"}, {"name": "ADV-2008-1153", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1153"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2008-1101", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "28140", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28140"}, {"name": "28209", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28209"}, {"name": "autonomy-keyview-kvdocve-bo(41725)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41725"}, {"name": "ADV-2008-1156", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1156"}, {"name": "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453", "refsource": "CONFIRM", "url": "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453"}, {"name": "28454", "refsource": "BID", "url": "http://www.securityfocus.com/bid/28454"}, {"name": "28210", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28210"}, {"name": "http://secunia.com/secunia_research/2008-12/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2008-12/advisory/"}, {"name": "20080414 Secunia Research: Lotus Notes kvdocve.dll Path Processing BufferOverflow", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/490826/100/0/threaded"}, {"name": "ADV-2008-1153", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1153"}]}}}}, "cveMetadata": {"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2008-1101", "datePublished": "2008-04-10T18:00:00", "dateReserved": "2008-02-29T00:00:00", "dateUpdated": "2018-10-11T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:autonomy:keyview:2.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E6634684-2416-4A5C-A5C7-B1E946B33419", "vulnerable": true}, {"criteria": "cpe:2.3:a:autonomy:keyview:10.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "589D3BC2-ED1F-4C5B-8F94-67AE1909580D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en el motor del visor de documentos KeyView de Autonomy (anteriormente Verity) KeyView, usado por IBM Lotus Notes 7.0.2 y 7.0.3, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un nombre de ruta largo, como se ha demostrado usando un atributo SRC largo en una etiqueta IMG de un documento HTML."}], "id": "CVE-2008-1101", "lastModified": "2018-10-11T20:29:29.850", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2008-04-10T18:05:00.000", "references": [{"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28140"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28209"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28210"}, {"source": "PSIRT-CNA@flexerasoftware.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/secunia_research/2008-12/advisory/"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securityfocus.com/archive/1/490826/100/0/threaded"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securityfocus.com/bid/28454"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2008/1153"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2008/1156"}, {"source": "PSIRT-CNA@flexerasoftware.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41725"}], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}