Info

Disclosure

Feb 10, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A remote overflow exists in Verity KeyView Viewer SDK. 'tarrdr.dll' fails to perform bounds checking on filenames of files contained by TAR archives, resulting in a stack based overflow. With a specially crafted TAR archive, an attacker can cause arbitrary code execution when the archive is extracted with an application using the vulnerable viewer, resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown

Solution

Upgrade to version 8.2, 9.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Autonomy	Verity KeyView Viewer SDK	7.0a
		7.4

International Business Machines Corporation	Lotus Notes	6.5.3
		6.0.4
		6.0
		6.0.1
		6.0.1.1
		6.0.1.2
		6.0.1.3
		6.0.2.1
		6.0.2.2
		6.0.3
		6.0.5
		6.5
		6.5.1
		6.5.2
		6.5.2.1
		6.5.3.1
		7.0

References

Security Tracker: 1015657
Secunia Advisory ID: 16100 16280 27376
CVE ID: 2005-2618 (see also: NVD)
SCIP VulDB ID: 2041
Related OSVDB ID: 23064 23065 23066 23068
CERT VU: 884076
VUPEN Advisory: ADV-2006-0500
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0186.html
Vendor Specific Advisory URL: http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918
Vendor URL: http://www.verity.com/products/oem/keyview/features/keyview_viewing_sdk.html
http://www.verity.com/products/oem_solutions/keyview/

Credit

Carsten Eiram - -

Direct URL: http://osvdb.org/23067

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Autonomy

Verity KeyView Viewer SDK

International Business Machines Corporation

Lotus Notes

References

Credit