OSVDB ID: 52713

Title: Autonomy KeyView SDK wp6sr.dll Word Perfect Document Handling Overflow

Info

Disclosure
Mar 17, 2009

Discovery
Unknown

Dates

Exploit
Unknown

Solution
Mar 17, 2009

Description

Classification

 Location: Local / Remote, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Private
Disclosure: Vendor Verified

Solution

 IBM, Symantec, and Autonomy have released patches to address this vulnerability. Additionally, it is possible to temporarily work around the flaw by implementing the following workaround: For Lotus Notes, it is possible to disable the processing of WPD files by removing, or commenting out, the line referencing "wp6sr.dll" from the "KeyView.ini" file within the Lotus Notes program directory. Deleting "wp6sr.dll" from the affected system will also prevent exploitation. For Symantec Mail Security, disabling "content filtering" will prevent exploitation.

Products

Unknown or Incomplete

References

Credit

Unknown or Incomplete


Direct URL: http://osvdb.org/52713