CVE-2005-2618

high

Description

Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll).

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/24639

https://exchange.xforce.ibmcloud.com/vulnerabilities/24638

https://exchange.xforce.ibmcloud.com/vulnerabilities/24636

https://exchange.xforce.ibmcloud.com/vulnerabilities/24635

http://www.vupen.com/english/advisories/2006/0501

http://www.vupen.com/english/advisories/2006/0500

http://www.securityfocus.com/bid/16576

http://www.securityfocus.com/archive/1/424692/100/0/threaded

http://www.securityfocus.com/archive/1/424689/100/0/threaded

http://www.securityfocus.com/archive/1/424666/100/0/threaded

http://www.securityfocus.com/archive/1/424626/100/0/threaded

http://www.osvdb.org/23068

http://www.osvdb.org/23067

http://www.osvdb.org/23066

http://www.osvdb.org/23065

http://www.osvdb.org/23064

http://www.kb.cert.org/vuls/id/884076

http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918

http://securitytracker.com/id?1015657

http://secunia.com/secunia_research/2005-66/advisory/

http://secunia.com/secunia_research/2005-37/advisory/

http://secunia.com/secunia_research/2005-36/advisory/

http://secunia.com/secunia_research/2005-34/advisory/

http://secunia.com/secunia_research/2005-32/advisory/

http://secunia.com/advisories/16280

http://secunia.com/advisories/16100

Details

Source: Mitre, NVD

Published: 2005-12-31

Updated: 2024-11-20

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High