PT-2005-3509 · Autonomy+1 · Autonomy Keyview Sdk+1
Published: 2005-12-31 · Updated: 2018-10-19
CVE-2005-2619
CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Autonomy KeyView SDK versions prior to 9.2.0
Lotus Notes versions 6.5.4 and 7.0
Description
A directory traversal vulnerability allows remote attackers to delete arbitrary files. It is triggered by a ZIP, UUE, or TAR archive whose filename contains a .. (dot dot) sequence, which is not properly handled when a preview of the archive is generated.
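The check this description implies, as an added Python example (not code from this advisory, Autonomy, or IBM): read the stored entry names of a ZIP, TAR or uuencoded file without extracting anything, and flag any name with a `..` component before a preview or extraction step runs. It also rejects absolute paths, which goes beyond the `..` case described here; all function names are hypothetical and the sample archive is constructed in memory.

```python
import io
import re
import tarfile
import zipfile

# uuencode header line: "begin <octal mode> <file name>"
UUE_BEGIN = re.compile(rb"^begin [0-7]{3,4} (.+?)\r?$", re.MULTILINE)


def is_traversal(name):
    """True if an entry name is absolute or contains a '..' path component."""
    norm = name.replace("\\", "/")
    if norm.startswith("/") or re.match(r"[A-Za-z]:", norm):
        return True
    return ".." in norm.split("/")


def entry_names(data):
    """Return stored file names from ZIP, TAR or uuencoded bytes, extracting nothing."""
    buf = io.BytesIO(data)
    if zipfile.is_zipfile(buf):
        buf.seek(0)
        with zipfile.ZipFile(buf) as zf:
            return [info.filename for info in zf.infolist()]
    buf.seek(0)
    try:
        with tarfile.open(fileobj=buf, mode="r:*") as tf:
            return [member.name for member in tf.getmembers()]
    except tarfile.TarError:
        pass  # not a TAR in any supported compression; fall through to UUE
    return [m.decode("latin-1") for m in UUE_BEGIN.findall(data)]


def flagged_entries(data):
    """Names that must be rejected before any preview or extraction step."""
    return [n for n in entry_names(data) if is_traversal(n)]


def make_sample_zip(names):
    """Constructed sample: in-memory ZIP holding one tiny entry per name."""
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w") as zf:
        for n in names:
            zf.writestr(n, b"x")
    return out.getvalue()


if __name__ == "__main__":
    print(flagged_entries(make_sample_zip(["doc/readme.txt", "../../victim.cfg"])))
```

Splitting on path components rather than searching for the substring `..` keeps legitimate names such as `notes..txt` from being flagged.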
Recommendations
For Autonomy KeyView SDK versions prior to 9.2.0, update to version 9.2.0 or later.
For Lotus Notes versions 6.5.4 and 7.0, consider restricting access to the KeyView SDK functionality until a patch or update is available.
Fix
Path traversal
Affected Products
Autonomy Keyview Sdk
Lotus Notes