CVE-2008-1101

Name of the Vulnerable Software and Affected Versions Autonomy KeyView versions 7.0.2 through 7.0.3 IBM Lotus Notes versions 7.0.2 through 7.0.3

Description The issue is related to a buffer overflow in the kvdocve.dll component of the KeyView document viewing engine. This can be exploited by remote attackers to execute arbitrary code. The exploitation can occur through a long pathname, for example, via a long SRC attribute of an IMG element in an HTML document.

Recommendations For Autonomy KeyView versions 7.0.2 through 7.0.3, update to a version that fixes the buffer overflow issue in kvdocve.dll. For IBM Lotus Notes versions 7.0.2 through 7.0.3, update to a version that includes the fixed KeyView document viewing engine.