CVE-2010-0134 Information

Description

Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 and 10.9 as used in multiple IBM Symantec and other products allows remote attackers to execute arbitrary code via a crafted \ls keyword in a list override table entry in an RTF file which triggers a buffer overflow.

Reference

http://secunia.com/secunia_research/2010-27/ http://www.securityfocus.com/bid/41928 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100727_01 http://www-01.ibm.com/support/docview.wss?uid=swg21440812