CVE-2010-0126
Published Aug 17, 2010
Last updated 12 years ago
Overview
- Description
- Heap-based buffer overflow in an unspecified library in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via a crafted compound file, as demonstrated using a Quattro Pro file, which is not properly handled by the Quattro speed reader (qpssr.dll).
- Source
- PSIRT-CNA@flexerasoftware.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:10.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F588C397-FB3F-4A04-A015-B6F6D9C3B994"
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:10.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C456319D-6699-4970-A146-6E52DD285D7F"
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:10.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C558D1E3-4C6B-4C00-A415-5B9E343073D8"
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:10.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "706571F3-D347-4760-A55B-4F465DAFCBFF"
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4056FDC9-27A4-41D9-9C84-B50A66F30161"
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "73ECC62B-CED2-4401-A2F7-8E714D20D111"
}
],
"operator": "OR"
}
]
}
]