Sign-up

ID

VAR-201107-0115


CVE

CVE-2011-0548


TITLE

Autonomy Keyview IDOL contains multiple vulnerabilities in file parsers

Trust: 0.8

sources: CERT/CC: VU#126159

DESCRIPTION

Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Symantec Mail Security (SMS) 6.x through 8.x, Symantec Brightmail and Messaging Gateway before 9.5.1, and Symantec Data Loss Prevention (DLP) before 10.5.3 and 11.x before 11.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .prz file. NOTE: this may overlap CVE-2011-1217. Autonomy KeyView IDOL Contains multiple vulnerabilities in file decoding. Autonomy Provided by Autonomy KeyView IDOL Is 1000 A library that decodes the above file formats. IBM Lotus Notes , Lotus Domino , Symantec Mail Security , Hyland OnBase Used in such applications. Autonomy KeyView IDOL Contains multiple vulnerabilities in file decoding.Although the impact will vary depending on the application, service operation may be interrupted by opening a specially crafted file. (DoS) An attacker may be attacked or execute arbitrary code with user privileges. Autonomy KeyView Filter is prone to a buffer-overflow vulnerability because of a failure to properly bounds check user-supplied input. An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious file or email attachment. Failed exploit attempts will result in a denial-of-service condition. NOTE: This issue was previously discussed in BID 47962 (IBM Lotus Notes Attachment Handling Multiple Buffer Overflow Vulnerabilities) but has been given its own record to better document it. KeyView is a software package for exporting, converting and viewing files in various formats. For more information: SA44820 SOLUTION: Do not open documents from untrusted sources. For more information: SA44820 Successful exploitation requires the attachment content scanning option to be enabled. SOLUTION: Disable the attachment content scanning option. ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. For more information see vulnerability #6 in: SA44624 Please see the vendor's advisory for the list for affected products. ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Autonomy KeyView File Processing Vulnerabilities SECUNIA ADVISORY ID: SA44820 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44820/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44820 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44820/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44820/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44820 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. 1) An error when processing Windows Write (WRI) files can be exploited to cause a stack-based buffer overflow. 2) Some errors when processing unspecified file formats can be exploited to corrupt memory. No further information is currently available. The vulnerabilities are reported in versions prior to 10.13.1. SOLUTION: Update to version 10.13.1. PROVIDED AND/OR DISCOVERED BY: Will Dormann and Jared Allar, CERT/CC. ORIGINAL ADVISORY: US-CERT (VU#126159): http://www.kb.cert.org/vuls/id/126159 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 3.87

sources: NVD: CVE-2011-0548 // CERT/CC: VU#126159 // JVNDB: JVNDB-2011-001718 // JVNDB: JVNDB-2011-001933 // BID: 48013 // VULHUB: VHN-48493 // PACKETSTORM: 102365 // PACKETSTORM: 102187 // PACKETSTORM: 101914 // PACKETSTORM: 102081 // PACKETSTORM: 115865

AFFECTED PRODUCTS

vendor:symantecmodel:data loss preventionscope:eqversion:10.5.1

Trust: 1.6

vendor:symantecmodel:brightmail and messaging gatewayscope:eqversion:7.7

Trust: 1.6

vendor:symantecmodel:data loss preventionscope:eqversion:10.5

Trust: 1.6

vendor:symantecmodel:data loss preventionscope:eqversion:8.1

Trust: 1.6

vendor:symantecmodel:data loss preventionscope:eqversion:8.1.1

Trust: 1.6

vendor:symantecmodel:brightmail and messaging gatewayscope:eqversion:4.1.0

Trust: 1.6

vendor:symantecmodel:brightmail and messaging gatewayscope:eqversion:4.0.0

Trust: 1.6

vendor:symantecmodel:brightmail and messaging gatewayscope:eqversion:5.0

Trust: 1.6

vendor:symantecmodel:data loss preventionscope:eqversion:8.0

Trust: 1.6

vendor:symantecmodel:data loss preventionscope:eqversion:10

Trust: 1.6

vendor:symantecmodel:mail securityscope:eqversion:7.5

Trust: 1.0

vendor:symantecmodel:brightmail and messaging gatewayscope:eqversion:9.0.1

Trust: 1.0

vendor:symantecmodel:brightmail and messaging gatewayscope:eqversion:8.0

Trust: 1.0

vendor:symantecmodel:data loss preventionscope:eqversion:7.0

Trust: 1.0

vendor:symantecmodel:mail securityscope:eqversion:6.0.0

Trust: 1.0

vendor:symantecmodel:data loss preventionscope:eqversion:11.0

Trust: 1.0

vendor:symantecmodel:data loss preventionscope:lteversion:10.5.2

Trust: 1.0

vendor:symantecmodel:data loss preventionscope:eqversion:9.0

Trust: 1.0

vendor:symantecmodel:data loss preventionscope:eqversion:7.2

Trust: 1.0

vendor:symantecmodel:brightmail and messaging gatewayscope:eqversion:9.0

Trust: 1.0

vendor:symantecmodel:brightmail and messaging gatewayscope:lteversion:9.5

Trust: 1.0

vendor:symantecmodel:data loss preventionscope:eqversion:7.1

Trust: 1.0

vendor:symantecmodel:brightmail and messaging gatewayscope:eqversion:9.0.2

Trust: 1.0

vendor:symantecmodel:mail securityscope:eqversion:8.0

Trust: 1.0

vendor:autonomymodel: - scope: - version: -

Trust: 0.8

vendor:camodel: - scope: - version: -

Trust: 0.8

vendor:emcmodel: - scope: - version: -

Trust: 0.8

vendor:hylandmodel: - scope: - version: -

Trust: 0.8

vendor:lotusmodel: - scope: - version: -

Trust: 0.8

vendor:mcafeemodel: - scope: - version: -

Trust: 0.8

vendor:palisademodel: - scope: - version: -

Trust: 0.8

vendor:proofpointmodel: - scope: - version: -

Trust: 0.8

vendor:symantecmodel: - scope: - version: -

Trust: 0.8

vendor:trend micromodel: - scope: - version: -

Trust: 0.8

vendor:verdasysmodel: - scope: - version: -

Trust: 0.8

vendor:websensemodel: - scope: - version: -

Trust: 0.8

vendor:autonomymodel:keyview idolscope:ltversion:10.13.1 earlier

Trust: 0.8

vendor:symantecmodel:brightmail gateway and symantec messaging gatewayscope:lteversion:9.5

Trust: 0.8

vendor:symantecmodel:data loss prevention endpoint agentsscope:lteversion:10.x

Trust: 0.8

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:11.x

Trust: 0.8

vendor:symantecmodel:data loss prevention enforce/detection serversscope:lteversion:(linux) 10.x

Trust: 0.8

vendor:symantecmodel:data loss prevention enforce/detection serversscope:eqversion:(linux) 11.x

Trust: 0.8

vendor:symantecmodel:data loss prevention enforce/detection serversscope:lteversion:(windows) 10.x

Trust: 0.8

vendor:symantecmodel:data loss prevention enforce/detection serversscope:eqversion:(windows) 11.x

Trust: 0.8

vendor:symantecmodel:mail securityscope:eqversion:(domino) 7.5.x

Trust: 0.8

vendor:symantecmodel:mail securityscope:eqversion:(domino) 8.x

Trust: 0.8

vendor:symantecmodel:mail securityscope:eqversion:(exchange) 6.x

Trust: 0.8

vendor:symantecmodel:mail security for microsoft exchangescope:eqversion:6.5.1

Trust: 0.3

vendor:symantecmodel:mail security for microsoft exchangescope:eqversion:6.5

Trust: 0.3

vendor:symantecmodel:mail security for microsoft exchangescope:eqversion:6.0.11

Trust: 0.3

vendor:symantecmodel:mail security for microsoft exchangescope:eqversion:6.0.10

Trust: 0.3

vendor:symantecmodel:mail security for microsoft exchangescope:eqversion:6.0.9

Trust: 0.3

vendor:symantecmodel:mail security for microsoft exchangescope:eqversion:6.0.8

Trust: 0.3

vendor:symantecmodel:mail security for microsoft exchangescope:eqversion:6.0.7

Trust: 0.3

vendor:symantecmodel:mail security for microsoft exchangescope:eqversion:6.0.6

Trust: 0.3

vendor:symantecmodel:mail security for microsoft exchangescope:eqversion:6.0.5

Trust: 0.3

vendor:symantecmodel:mail security for microsoft exchangescope:eqversion:6.0

Trust: 0.3

vendor:symantecmodel:mail security for microsoft exchangescope:eqversion:6.0.0.1

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:8.0.6

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:8.0.3

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:8.0.2

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:8.0.1

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:7.5.10

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:7.5.9

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:7.5.8

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:7.5.7

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:7.5.6

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:7.5.325

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:8.0

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:7.5.5.32

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:7.5.4.29

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:7.5.3.25

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:7.5.0.19

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:eqversion:7.5

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:10.5.1

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:10.0.1010.18007

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:9.0.187

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:9.0.2

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:9.0.1

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:8.1.101

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:8.1.10.9

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:8.1.1

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:9.0.3

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:8.1.6.2

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:8.1

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:8.0.10.38

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:8.0

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:11.0

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:10.5

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:eqversion:10.0

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:eqversion:10.5.1

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:eqversion:10.0.1010.18007

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:eqversion:9.0.185

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:eqversion:9.0.3

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:eqversion:9.0.2

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:eqversion:9.0.1

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:eqversion:8.1.101

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:eqversion:8.1.10.8

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:eqversion:8.1.1

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:eqversion:7.228

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:eqversion:8.1.5.15

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:eqversion:8.1

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:eqversion:11.0

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:eqversion:10.5

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:eqversion:10.0

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:eqversion:10.5.1

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:eqversion:10.0.1010.18007

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:eqversion:9.0.185

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:eqversion:9.0.3

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:eqversion:9.0.2

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:eqversion:9.0.1

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:eqversion:8.1.101

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:eqversion:8.1.10.8

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:eqversion:8.1.1

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:eqversion:7.238

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:eqversion:8.1.5.15

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:eqversion:8.1

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:eqversion:11.0

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:eqversion:10.5

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:eqversion:10.0

Trust: 0.3

vendor:symantecmodel:brightmail gateway series appliancescope:eqversion:83000

Trust: 0.3

vendor:symantecmodel:brightmail gatewayscope:eqversion:9.0.2

Trust: 0.3

vendor:symantecmodel:brightmail gatewayscope:eqversion:8.0.2

Trust: 0.3

vendor:symantecmodel:brightmail gatewayscope:eqversion:8.0.1

Trust: 0.3

vendor:symantecmodel:brightmail gatewayscope:eqversion:9.0

Trust: 0.3

vendor:symantecmodel:brightmail gatewayscope:eqversion:8.0

Trust: 0.3

vendor:symantecmodel:brightmail and messaging gatewayscope:eqversion:9.5

Trust: 0.3

vendor:mcafeemodel:host data loss preventionscope:eqversion:9.2

Trust: 0.3

vendor:mcafeemodel:host data loss preventionscope:eqversion:9.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:7.0.3

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:7.0.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:7.0.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:6.5.6

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:6.5.5

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:6.5.4

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:6.5.3

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:6.5.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:6.5.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:6.5

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0

Trust: 0.3

vendor:ibmmodel:lotus notes fp2scope:eqversion:7.0.2

Trust: 0.3

vendor:ibmmodel:lotus notes fp1scope:eqversion:7.0.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:7.0

Trust: 0.3

vendor:ibmmodel:lotus notes fp2scope:eqversion:6.5.6

Trust: 0.3

vendor:ibmmodel:lotus notes fp3scope:eqversion:6.5.5

Trust: 0.3

vendor:ibmmodel:lotus notes fp2scope:eqversion:6.5.5

Trust: 0.3

vendor:ibmmodel:lotus notes fp1scope:eqversion:6.5.2

Trust: 0.3

vendor:autonomymodel:keyview viewer sdkscope:eqversion:10.4

Trust: 0.3

vendor:autonomymodel:keyview viewer sdkscope:eqversion:10.3

Trust: 0.3

vendor:autonomymodel:keyview viewer sdkscope:eqversion:9.2

Trust: 0.3

vendor:autonomymodel:keyview viewer sdkscope:eqversion:10.9

Trust: 0.3

vendor:autonomymodel:keyview viewer sdkscope:eqversion:10.8

Trust: 0.3

vendor:autonomymodel:keyview viewer sdkscope:eqversion:10.5

Trust: 0.3

vendor:autonomymodel:keyview viewer sdkscope:eqversion:10.12

Trust: 0.3

vendor:autonomymodel:keyview viewer sdkscope:eqversion:10.11

Trust: 0.3

vendor:autonomymodel:keyview viewer sdkscope:eqversion:10.10

Trust: 0.3

vendor:autonomymodel:keyview viewer sdkscope:eqversion:10

Trust: 0.3

vendor:autonomymodel:keyview idolscope:eqversion:10

Trust: 0.3

vendor:autonomymodel:keyview filter sdkscope:eqversion:10.9

Trust: 0.3

vendor:autonomymodel:keyview filter sdkscope:eqversion:10.4

Trust: 0.3

vendor:autonomymodel:keyview filter sdkscope:eqversion:10.3

Trust: 0.3

vendor:autonomymodel:keyview filter sdkscope:eqversion:9.2

Trust: 0.3

vendor:autonomymodel:keyview filter sdkscope:eqversion:10.8

Trust: 0.3

vendor:autonomymodel:keyview filter sdkscope:eqversion:10.5

Trust: 0.3

vendor:autonomymodel:keyview filter sdkscope:eqversion:10.12

Trust: 0.3

vendor:autonomymodel:keyview filter sdkscope:eqversion:10.11

Trust: 0.3

vendor:autonomymodel:keyview filter sdkscope:eqversion:10.10

Trust: 0.3

vendor:autonomymodel:keyview filter sdkscope:eqversion:10

Trust: 0.3

vendor:autonomymodel:keyview export sdkscope:eqversion:10.4

Trust: 0.3

vendor:autonomymodel:keyview export sdkscope:eqversion:10.3

Trust: 0.3

vendor:autonomymodel:keyview export sdkscope:eqversion:9.2

Trust: 0.3

vendor:autonomymodel:keyview export sdkscope:eqversion:10.9

Trust: 0.3

vendor:autonomymodel:keyview export sdkscope:eqversion:10.8

Trust: 0.3

vendor:autonomymodel:keyview export sdkscope:eqversion:10.5

Trust: 0.3

vendor:autonomymodel:keyview export sdkscope:eqversion:10.12

Trust: 0.3

vendor:autonomymodel:keyview export sdkscope:eqversion:10.10

Trust: 0.3

vendor:autonomymodel:keyview export sdkscope:eqversion:10

Trust: 0.3

vendor:symantecmodel:messaging gatewayscope:neversion:9.5.1

Trust: 0.3

vendor:symantecmodel:mail security for microsoft exchangescope:neversion:6.5.5

Trust: 0.3

vendor:symantecmodel:mail security for microsoft exchangescope:neversion:6.0.12

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:neversion:8.0.8

Trust: 0.3

vendor:symantecmodel:mail security for dominoscope:neversion:7.5.11

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:neversion:11.1

Trust: 0.3

vendor:symantecmodel:data loss prevention endpoint agentsscope:neversion:10.5.3

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:neversion:11.1

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for windowsscope:neversion:10.5.3

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:neversion:11.1

Trust: 0.3

vendor:symantecmodel:data loss prevention detection servers for linuxscope:neversion:10.5.3

Trust: 0.3

vendor:autonomymodel:keyview idolscope:neversion:10.13.1

Trust: 0.3

sources: CERT/CC: VU#126159 // BID: 48013 // JVNDB: JVNDB-2011-001718 // JVNDB: JVNDB-2011-001933 // CNNVD: CNNVD-201106-004 // NVD: CVE-2011-0548

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-0548
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#126159
value: HIGH

Trust: 0.8

NVD: CVE-2011-0548
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201106-004
value: CRITICAL

Trust: 0.6

VULHUB: VHN-48493
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2011-0548
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CARNEGIE MELLON: VU#126159
severity: HIGH
baseScore: 9.0
vectorString: NONE
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 9.5
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-48493
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#126159 // VULHUB: VHN-48493 // JVNDB: JVNDB-2011-001933 // CNNVD: CNNVD-201106-004 // NVD: CVE-2011-0548

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-48493 // JVNDB: JVNDB-2011-001933 // NVD: CVE-2011-0548

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201106-004

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201106-004

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2011-001718

EXPLOIT AVAILABILITY
sources:
            
            
            CERT/CC: VU#126159

PATCH
title:KeyView IDOL & Connectorsurl:http://www.autonomy.com/content/Products/idol-modules-connectors/index.en.html
Trust: 0.8
title:Information Connectivityurl:http://www.autonomy.com/content/Technology/idol-functionality-information-connectivity/index.en.html
Trust: 0.8
title:Autonomy Support Siteurl:https://customers.autonomy.com/
Trust: 0.8
title:SYM11-007url:http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110531_00
Trust: 0.8
title:SYM11-007url:http://www.symantec.com/ja/jp/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110531_00
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2011-001718 // 
            
            
            
            JVNDB: JVNDB-2011-001933

EXTERNAL IDS
db:NVDid:CVE-2011-0548
Trust: 2.8
db:SECUNIAid:44779
Trust: 2.6
db:SECTRACKid:1025596
Trust: 2.5
db:SECTRACKid:1025594
Trust: 2.5
db:SECTRACKid:1025595
Trust: 2.5
db:CERT/CCid:VU#126159
Trust: 2.3
db:BIDid:48013
Trust: 1.1
db:JVNDBid:JVNDB-2011-001718
Trust: 0.8
db:JVNDBid:JVNDB-2011-001933
Trust: 0.8
db:CNNVDid:CNNVD-201106-004
Trust: 0.7
db:MCAFEEid:SB10024
Trust: 0.4
db:SECUNIAid:50399
Trust: 0.3
db:SECUNIAid:44877
Trust: 0.2
db:SECUNIAid:44878
Trust: 0.2
db:SECUNIAid:44820
Trust: 0.2
db:VULHUBid:VHN-48493
Trust: 0.1
db:PACKETSTORMid:102365
Trust: 0.1
db:PACKETSTORMid:102187
Trust: 0.1
db:PACKETSTORMid:101914
Trust: 0.1
db:PACKETSTORMid:102081
Trust: 0.1
db:PACKETSTORMid:115865
Trust: 0.1
sources:
            
            
            CERT/CC: VU#126159 // 
            
            
            
            VULHUB: VHN-48493 // 
            
            
            
            BID: 48013 // 
            
            
            
            JVNDB: JVNDB-2011-001718 // 
            
            
            
            JVNDB: JVNDB-2011-001933 // 
            
            
            
            PACKETSTORM: 102365 // 
            
            
            
            PACKETSTORM: 102187 // 
            
            
            
            PACKETSTORM: 101914 // 
            
            
            
            PACKETSTORM: 102081 // 
            
            
            
            PACKETSTORM: 115865 // 
            
            
            
            CNNVD: CNNVD-201106-004 // 
            
            
            
            NVD: CVE-2011-0548

REFERENCES
url:http://securitytracker.com/id?1025594
Trust: 2.5
url:http://securitytracker.com/id?1025595
Trust: 2.5
url:http://securitytracker.com/id?1025596
Trust: 2.5
url:http://secunia.com/advisories/44779
Trust: 2.5
url:http://www.kb.cert.org/vuls/id/126159
Trust: 1.5
url:http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110531_00
Trust: 1.0
url:http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110531_00
Trust: 1.0
url:http://www.autonomy.com/content/products/idol-modules-connectors/index.en.html
Trust: 0.8
url:http://www.autonomy.com/content/technology/idol-functionality-information-connectivity/index.en.html
Trust: 0.8
url:https://customers.autonomy.com
Trust: 0.8
url:http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20111006_00
Trust: 0.8
url:http://jvn.jp/cert/jvnvu126159
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0548
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0548
Trust: 0.8
url:http://www.securityfocus.com/bid/48013
Trust: 0.8
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.5
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.5
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.5
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.5
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.5
url:https://kc.mcafee.com/corporate/index?page=content&id=sb10024
Trust: 0.4
url:http://secunia.com/vulnerability_intelligence/
Trust: 0.4
url:http://www-01.ibm.com/software/lotus/products/notes/
Trust: 0.3
url:http://www.autonomy.com/content/products/keyview/index.en.html
Trust: 0.3
url:https://www-304.ibm.com/support/docview.wss?uid=swg21500034
Trust: 0.3
url:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=913
Trust: 0.3
url:http://conference.first.org/
Trust: 0.3
url:http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110531_00
Trust: 0.1
url:http://secunia.com/advisories/44877/
Trust: 0.1
url:http://secunia.com/advisories/44877/#comments
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=44877
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=44878
Trust: 0.1
url:http://secunia.com/advisories/44878/
Trust: 0.1
url:http://secunia.com/advisories/44878/#comments
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=44779
Trust: 0.1
url:http://secunia.com/products/corporate/evm/
Trust: 0.1
url:http://secunia.com/advisories/44779/
Trust: 0.1
url:http://www.youtube.com/user/secunia#p/a/u/0/m1y9sjqr2sy
Trust: 0.1
url:http://secunia.com/advisories/44779/#comments
Trust: 0.1
url:http://secunia.com/advisories/44820/#comments
Trust: 0.1
url:http://secunia.com/advisories/44820/
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=44820
Trust: 0.1
url:http://secunia.com/advisories/50399/
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=50399
Trust: 0.1
url:http://secunia.com/csi6beta
Trust: 0.1
url:http://secunia.com/advisories/50399/#comments
Trust: 0.1
sources:
            
            
            CERT/CC: VU#126159 // 
            
            
            
            VULHUB: VHN-48493 // 
            
            
            
            BID: 48013 // 
            
            
            
            JVNDB: JVNDB-2011-001718 // 
            
            
            
            JVNDB: JVNDB-2011-001933 // 
            
            
            
            PACKETSTORM: 102365 // 
            
            
            
            PACKETSTORM: 102187 // 
            
            
            
            PACKETSTORM: 101914 // 
            
            
            
            PACKETSTORM: 102081 // 
            
            
            
            PACKETSTORM: 115865 // 
            
            
            
            CNNVD: CNNVD-201106-004 // 
            
            
            
            NVD: CVE-2011-0548

CREDITS
Secunia
Trust: 0.5
sources:
            
            
            PACKETSTORM: 102365 // 
            
            
            
            PACKETSTORM: 102187 // 
            
            
            
            PACKETSTORM: 101914 // 
            
            
            
            PACKETSTORM: 102081 // 
            
            
            
            PACKETSTORM: 115865

SOURCES
db:CERT/CCid:VU#126159
db:VULHUBid:VHN-48493
db:BIDid:48013
db:JVNDBid:JVNDB-2011-001718
db:JVNDBid:JVNDB-2011-001933
db:PACKETSTORMid:102365
db:PACKETSTORMid:102187
db:PACKETSTORMid:101914
db:PACKETSTORMid:102081
db:PACKETSTORMid:115865
db:CNNVDid:CNNVD-201106-004
db:NVDid:CVE-2011-0548

LAST UPDATE DATE
2024-11-23T19:38:15.704000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#126159date:2012-06-04T00:00:00
db:VULHUBid:VHN-48493date:2013-02-07T00:00:00
db:BIDid:48013date:2015-03-19T08:17:00
db:JVNDBid:JVNDB-2011-001718date:2011-06-20T00:00:00
db:JVNDBid:JVNDB-2011-001933date:2011-07-26T00:00:00
db:CNNVDid:CNNVD-201106-004date:2011-07-19T00:00:00
db:NVDid:CVE-2011-0548date:2024-11-21T01:24:16.130

SOURCES RELEASE DATE
db:CERT/CCid:VU#126159date:2011-06-07T00:00:00
db:VULHUBid:VHN-48493date:2011-07-18T00:00:00
db:BIDid:48013date:2011-05-24T00:00:00
db:JVNDBid:JVNDB-2011-001718date:2011-06-20T00:00:00
db:JVNDBid:JVNDB-2011-001933date:2011-07-26T00:00:00
db:PACKETSTORMid:102365date:2011-06-17T04:44:22
db:PACKETSTORMid:102187date:2011-06-12T08:47:41
db:PACKETSTORMid:101914date:2011-06-01T04:21:47
db:PACKETSTORMid:102081date:2011-06-08T02:09:27
db:PACKETSTORMid:115865date:2012-08-24T05:43:31
db:CNNVDid:CNNVD-201106-004date:2011-06-03T00:00:00
db:NVDid:CVE-2011-0548date:2011-07-18T22:55:00.860