CVE-2008-1101 Information
Description
Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView as used by IBM Lotus Notes 7.0.2 and 7.0.3 allows remote attackers to execute arbitrary code via a long pathname as demonstrated by a long SRC attribute of an IMG element in an HTML document.
Reference
http://secunia.com/advisories/28140 http://secunia.com/advisories/28209 http://secunia.com/advisories/28210 http://secunia.com/secunia_research/2008-12/advisory/ http://www.securityfocus.com/archive/1/490826/100/0/threaded http://www.securityfocus.com/bid/28454 http://www.vupen.com/english/advisories/2008/1153 http://www.vupen.com/english/advisories/2008/1156 http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453 https://exchange.xforce.ibmcloud.com/vulnerabilities/41725
Share on: