CVE-2010-1525 Information

Description

Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 and 10.9 as used in multiple IBM Symantec and other products allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted size for an unspecified record type which triggers a heap-based buffer overflow.

Reference

http://secunia.com/secunia_research/2010-49/ http://www.securityfocus.com/bid/41928 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100727_01 http://www-01.ibm.com/support/docview.wss?uid=swg21440812