CVE-2010-0134

Published: Aug 17, 2010Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via a crafted \ls keyword in a list override table entry in an RTF file, which triggers a buffer overflow.

Affected (6)

Products: Autonomy: Keyview Export Sdk, Keyview Filter Sdk, Keyview Viewer Sdk

3 products

Keyview Export Sdk

Keyview Filter Sdk

Keyview Viewer Sdk

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Autonomy Keyview Export Sdk	Version 10.4
Autonomy Keyview Export Sdk	Version 10.9
Autonomy Keyview Filter Sdk	Version 10.4
Autonomy Keyview Filter Sdk	Version 10.9
Autonomy Keyview Viewer Sdk	Version 10.4
Autonomy Keyview Viewer Sdk	Version 10.9

Related CWEs

References (8)

http://secunia.com/secunia_research/2010-27/

Source: PSIRT-CNA@flexerasoftware.com

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21440812

Source: PSIRT-CNA@flexerasoftware.com

http://www.securityfocus.com/bid/41928

Source: PSIRT-CNA@flexerasoftware.com

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100727_01

Source: PSIRT-CNA@flexerasoftware.com

http://secunia.com/secunia_research/2010-27/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21440812

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/41928

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100727_01

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.