QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2005-2618

Back to search

CVE-2005-2618

Published: Feb 15, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll).

VendorProductVersions

n/a

n/a

affected
n/a

References

lotus-kvarcve-filename-bo(24635)
vdb-entry
x_refsource_XF
23067
vdb-entry
x_refsource_OSVDB
lotus-uudrdr-uue-bo(24636)
vdb-entry
x_refsource_XF
ADV-2006-0500
vdb-entry
x_refsource_VUPEN
ADV-2006-0501
vdb-entry
x_refsource_VUPEN
23064
vdb-entry
x_refsource_OSVDB
23066
vdb-entry
x_refsource_OSVDB
1015657
vdb-entry
x_refsource_SECTRACK
23065
vdb-entry
x_refsource_OSVDB
16576
vdb-entry
x_refsource_BID
16100
third-party-advisory
x_refsource_SECUNIA
lotus-htmsr-link-bo(24639)
vdb-entry
x_refsource_XF
lotus-tarrdr-filename-bo(24638)
vdb-entry
x_refsource_XF
VU#884076
third-party-advisory
x_refsource_CERT-VN
16280
third-party-advisory
x_refsource_SECUNIA
23068
vdb-entry
x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now