OSVDB ID: 23066

Title: Verity KeyView Viewer SDK kvarcve.dll Compressed File Preview Traversal Arbitrary File Deletion

Dates

Disclosure: Feb 10, 2006
Discovery: Unknown
Exploit: Unknown
Solution: Unknown

Description

Verity KeyView Viewer SDK contains a flaw that allows a remote attacker to delete arbitrary files. The issue is due to 'kvarcve.dll' not properly checking the filenames of compressed files in ZIP, UUE, and TAR archives for traversal style attacks (../../) when generating their previews.
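
The filename check the description says is missing can be sketched as follows. This is an added example, not code from the KeyView SDK or from the original entry; the function names and sample entry names are hypothetical and constructed for illustration. It covers ZIP and TAR only, and goes slightly beyond the `../../` case in the entry by also rejecting absolute paths and Windows drive prefixes.

```python
import io
import tarfile
import zipfile


def is_safe_member_name(name: str) -> bool:
    """True if an archive entry name cannot leave the directory it is written to."""
    if not name or name.startswith(("/", "\\")):
        return False  # empty, absolute, or UNC-style name
    if len(name) >= 2 and name[0].isalpha() and name[1] == ":":
        return False  # Windows drive prefix, e.g. C:\ or C:file
    # Split on both separators; a Windows consumer honours either one.
    return ".." not in name.replace("\\", "/").split("/")


def scan_archive(data: bytes) -> list:
    """Return entry names in a ZIP or TAR that fail is_safe_member_name."""
    bio = io.BytesIO(data)
    if zipfile.is_zipfile(bio):
        bio.seek(0)
        with zipfile.ZipFile(bio) as zf:
            names = zf.namelist()
    else:
        bio.seek(0)
        with tarfile.open(fileobj=bio, mode="r:*") as tf:
            names = tf.getnames()
    return [n for n in names if not is_safe_member_name(n)]


def build_sample(kind: str, names) -> bytes:
    """Build a constructed in-memory archive holding one-byte entries."""
    buf = io.BytesIO()
    if kind == "zip":
        with zipfile.ZipFile(buf, "w") as zf:
            for n in names:
                zf.writestr(n, b"x")
    else:
        with tarfile.open(fileobj=buf, mode="w") as tf:
            for n in names:
                info = tarfile.TarInfo(n)
                info.size = 1
                tf.addfile(info, io.BytesIO(b"x"))
    return buf.getvalue()


SAMPLE_NAMES = ["docs/readme.txt", "../../victim.txt"]  # constructed names

if __name__ == "__main__":
    for kind in ("zip", "tar"):
        print(kind, scan_archive(build_sample(kind, SAMPLE_NAMES)))
```

Running the scan over attachments before they reach a previewer gives a detection point on unpatched hosts; it does not replace the upgrade.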

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown

Solution

Upgrade to version 8.2, 9.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Autonomy

Verity KeyView Viewer SDK

7.0a
7.4

International Business Machines Corporation

Lotus Notes

6.5.3
6.0.4
6.0
6.0.1
6.0.1.1
6.0.1.2
6.0.1.3
6.0.2.1
6.0.2.2
6.0.3
6.0.5
6.5
6.5.1
6.5.2
6.5.2.1
6.5.3.1
7.0

References

Credit

  • Tan Chew Keong - vulnsecunia.com - Secunia Research
  • Carsten Eiram


Direct URL: http://osvdb.org/23066