CVE-2008-4564 Information

Description

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier as used in IBM Lotus Notes Symantec Mail Security (SMS) products Symantec BrightMail Appliance products and Symantec Data Loss Prevention (DLP) products allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774 http://osvdb.org/52713 http://secunia.com/advisories/34303 http://secunia.com/advisories/34307 http://secunia.com/advisories/34318 http://secunia.com/advisories/34355 http://securitytracker.com/id?1021856 http://securitytracker.com/id?1021857 http://www.kb.cert.org/vuls/id/276563 http://www.securityfocus.com/bid/34086 http://www.securitytracker.com/id?1021859 http://www.symantec.com/avcenter/security/Content/2009.03.17a.html http://www.vupen.com/english/advisories/2009/0744 http://www.vupen.com/english/advisories/2009/0756 http://www.vupen.com/english/advisories/2009/0757 http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573 https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter20SDK/10.4/kv_update_nti40_10.4.zip.readme.html https://exchange.xforce.ibmcloud.com/vulnerabilities/49284