var-202002-0036
Vulnerability from variot
Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of underlying issues" in which "some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code.". Autonomy KeyView IDOL The library contains multiple vulnerabilities in the file parsing process. Autonomy KeyView IDOL Is 1000 A library that decodes these file formats and is used in many applications. Autonomy KeyView IDOL The library contains multiple vulnerabilities such as memory corruption and arbitrary code execution.Although the impact will vary depending on the application, service operation may be interrupted by opening a specially crafted file. ( DoS ) An attacker could be attacked or execute arbitrary code with application privileges. Failed attempts may result in a denial-of-service condition. A security vulnerability exists in Micro Focus Autonomy KeyView IDOL versions prior to 10.16. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Autonomy KeyView File Processing Vulnerabilities
SECUNIA ADVISORY ID: SA51362
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51362/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51362
RELEASE DATE: 2012-11-21
DISCUSS ADVISORY: http://secunia.com/advisories/51362/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51362/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51362
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerabilities are caused due to errors when processing unspecified file formats and can be exploited to corrupt memory. No further information is currently available.
Successful exploitation may allow execution of arbitrary code.
The vulnerabilities are reported in versions prior to 10.16.
SOLUTION: Update to version 10.16.
PROVIDED AND/OR DISCOVERED BY: Will Dormann, CERT/CC
ORIGINAL ADVISORY: US-CERT VU#849841: http://www.kb.cert.org/vuls/id/849841
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202002-0036",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "data loss prevention enforce\\/detection servers",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "data loss prevention endpoint",
"scope": "lt",
"trust": 1.0,
"vendor": "symantec",
"version": "11.6.1"
},
{
"model": "data loss prevention endpoint",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "domino",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "8.5.0"
},
{
"model": "domino",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "8.5.3.6"
},
{
"model": "mail security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.5.7"
},
{
"model": "mail security",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.0"
},
{
"model": "messaging gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "9.5"
},
{
"model": "mail security",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "6.5.7"
},
{
"model": "autonomy keyview idol",
"scope": "lt",
"trust": 1.0,
"vendor": "hp",
"version": "10.16"
},
{
"model": "messaging gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "symantec",
"version": "10.0.1"
},
{
"model": "notes",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "notes",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "8.5.3"
},
{
"model": "data loss prevention enforce\\/detection servers",
"scope": "lt",
"trust": 1.0,
"vendor": "symantec",
"version": "11.6.1"
},
{
"model": "keyview idol",
"scope": "lt",
"trust": 0.8,
"vendor": "autonomy",
"version": "library 10.16 earlier"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.1"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.5"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"model": "lotus notes fp6",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.0"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.1"
},
{
"model": "lotus domino 8.5.3fp1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"model": "messaging gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.5.1"
},
{
"model": "lotus domino fix pack",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.12"
},
{
"model": "keyview idol",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10"
},
{
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.1"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.2.0"
},
{
"model": "lotus notes fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.2"
},
{
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "zimbra",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.5"
},
{
"model": "lotus domino",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.3"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.3"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.1"
},
{
"model": "data loss prevention detection servers for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "keyview idol",
"scope": "eq",
"trust": 0.3,
"vendor": "autonomy",
"version": "10.13.1"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.1.1"
},
{
"model": "data loss prevention endpoint agents",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.1"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1.1"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"model": "lotus domino 8.5fp1",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "lotus domino fp4",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"model": "lotus domino 8.5.1fp5",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "lotus domino fp3",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"model": "data loss prevention detection servers for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "lotus domino fp2",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.2"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.6"
},
{
"model": "lotus notes fp5",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.1"
},
{
"model": "lotus notes",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
}
],
"sources": [
{
"db": "BID",
"id": "56610"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005584"
},
{
"db": "NVD",
"id": "CVE-2012-6277"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:domino:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.5.3.6",
"versionStartIncluding": "8.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:notes:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.5.3",
"versionStartIncluding": "8.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:data_loss_prevention_endpoint:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_loss_prevention_enforce\\/detection_servers:*:*:*:*:*:linux:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_loss_prevention_enforce\\/detection_servers:*:*:*:*:*:windows:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security:6.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security:*:*:*:*:*:microsoft_exchange:*:*",
"cpe_name": [],
"versionEndIncluding": "6.5.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security:*:*:*:*:*:domino:*:*",
"cpe_name": [],
"versionEndIncluding": "8.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:messaging_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0.1",
"versionStartIncluding": "9.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hp:autonomy_keyview_idol:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.16",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-6277"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Will Dormann",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-461"
}
],
"trust": 0.6
},
"cve": "CVE-2012-6277",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2012-005584",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-59558",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-6277",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2012-005584",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201211-461",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-59558",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-59558"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005584"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-461"
},
{
"db": "NVD",
"id": "CVE-2012-6277"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to \"a number of underlying issues\" in which \"some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code.\". Autonomy KeyView IDOL The library contains multiple vulnerabilities in the file parsing process. Autonomy KeyView IDOL Is 1000 A library that decodes these file formats and is used in many applications. Autonomy KeyView IDOL The library contains multiple vulnerabilities such as memory corruption and arbitrary code execution.Although the impact will vary depending on the application, service operation may be interrupted by opening a specially crafted file. ( DoS ) An attacker could be attacked or execute arbitrary code with application privileges. Failed attempts may result in a denial-of-service condition. A security vulnerability exists in Micro Focus Autonomy KeyView IDOL versions prior to 10.16. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAutonomy KeyView File Processing Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA51362\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51362/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51362\n\nRELEASE DATE:\n2012-11-21\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51362/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51362/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51362\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Autonomy KeyView,\nwhich can be exploited by malicious people to compromise a vulnerable\nsystem. \n\nThe vulnerabilities are caused due to errors when processing\nunspecified file formats and can be exploited to corrupt memory. No\nfurther information is currently available. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerabilities are reported in versions prior to 10.16. \n\nSOLUTION:\nUpdate to version 10.16. \n\nPROVIDED AND/OR DISCOVERED BY:\nWill Dormann, CERT/CC\n\nORIGINAL ADVISORY:\nUS-CERT VU#849841:\nhttp://www.kb.cert.org/vuls/id/849841\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-6277"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005584"
},
{
"db": "BID",
"id": "56610"
},
{
"db": "VULHUB",
"id": "VHN-59558"
},
{
"db": "PACKETSTORM",
"id": "118283"
},
{
"db": "PACKETSTORM",
"id": "118291"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#849841",
"trust": 3.0
},
{
"db": "BID",
"id": "56610",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2012-6277",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005584",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201211-461",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "51362",
"trust": 0.2
},
{
"db": "SECUNIA",
"id": "51365",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-59558",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118283",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "118291",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-59558"
},
{
"db": "BID",
"id": "56610"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005584"
},
{
"db": "PACKETSTORM",
"id": "118283"
},
{
"db": "PACKETSTORM",
"id": "118291"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-461"
},
{
"db": "NVD",
"id": "CVE-2012-6277"
}
]
},
"id": "VAR-202002-0036",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-59558"
}
],
"trust": 0.01
},
"last_update_date": "2024-04-20T19:49:44.965000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Autonomy Global Offices",
"trust": 0.8,
"url": "http://www.autonomy.com/content/autonomy/offices/index.en.html"
},
{
"title": "IDOL\u30b3\u30cd\u30af\u30bf",
"trust": 0.8,
"url": "http://www.autonomy.co.jp/content/technology/idol-functionality-information-connectivity/index.ja.html"
},
{
"title": "KeyView IDOL \u0026 Connectors",
"trust": 0.8,
"url": "http://www.autonomy.com/content/products/idol-modules-connectors/index.en.html"
},
{
"title": "Security Advisories Relating to Symantec Products - Symantec Updates HP Autonomy Keyview Filter Issues Affecting Multiple Vendors",
"trust": 0.8,
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026suid=20121120_00"
},
{
"title": "\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 \u30a2\u30c9\u30d0\u30a4\u30b6\u30ea\u30fc - \u8907\u6570\u306e\u30d9\u30f3\u30c0\u30fc\u304c\u5f71\u97ff\u3092\u53d7\u3051\u308b HP Autonomy KeyView Filter \u306e\u554f\u984c\u306b\u95a2\u3059\u308b\u66f4\u65b0 (SYM12-018)",
"trust": 0.8,
"url": "https://www.symantec.com/ja/jp/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20121120_00"
},
{
"title": "Micro Focus Autonomy KeyView IDOL Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=110271"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005584"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-461"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-6277"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://support.symantec.com/us/en/article.symsa1262.html"
},
{
"trust": 1.7,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=27482"
},
{
"trust": 1.7,
"url": "https://vulmon.com/vulnerabilitydetails?qid=cve-2012-6277"
},
{
"trust": 1.7,
"url": "https://www.energy.gov/cio/articles/v-118-ibm-lotus-domino-multiple-vulnerabilities"
},
{
"trust": 1.7,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-addressed-in-ibm-notes-9-0-cve-2011-3026-cve-2012-6349-cve-2012-6277/"
},
{
"trust": 1.7,
"url": "https://www.kb.cert.org/vuls/id/849841/"
},
{
"trust": 1.7,
"url": "https://www.securityfocus.com/bid/56610"
},
{
"trust": 1.7,
"url": "https://www.tenable.com/plugins/nessus/67192"
},
{
"trust": 1.3,
"url": "https://www.kb.cert.org/vuls/id/849841"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu849841"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-6277"
},
{
"trust": 0.4,
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20121120_00"
},
{
"trust": 0.3,
"url": "http://www.autonomy.com/content/products/idol-modules-connectors/index.en.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21627992"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51362/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51362/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51362"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51365/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51365"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51365/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-59558"
},
{
"db": "BID",
"id": "56610"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005584"
},
{
"db": "PACKETSTORM",
"id": "118283"
},
{
"db": "PACKETSTORM",
"id": "118291"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-461"
},
{
"db": "NVD",
"id": "CVE-2012-6277"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-59558"
},
{
"db": "BID",
"id": "56610"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-005584"
},
{
"db": "PACKETSTORM",
"id": "118283"
},
{
"db": "PACKETSTORM",
"id": "118291"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-461"
},
{
"db": "NVD",
"id": "CVE-2012-6277"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-21T00:00:00",
"db": "VULHUB",
"id": "VHN-59558"
},
{
"date": "2012-11-20T00:00:00",
"db": "BID",
"id": "56610"
},
{
"date": "2012-11-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005584"
},
{
"date": "2012-11-23T08:19:25",
"db": "PACKETSTORM",
"id": "118283"
},
{
"date": "2012-11-23T08:19:51",
"db": "PACKETSTORM",
"id": "118291"
},
{
"date": "2012-11-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-461"
},
{
"date": "2020-02-21T17:15:10.883000",
"db": "NVD",
"id": "CVE-2012-6277"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-04T00:00:00",
"db": "VULHUB",
"id": "VHN-59558"
},
{
"date": "2013-03-22T18:56:00",
"db": "BID",
"id": "56610"
},
{
"date": "2012-11-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-005584"
},
{
"date": "2020-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-461"
},
{
"date": "2020-03-04T20:18:25.227000",
"db": "NVD",
"id": "CVE-2012-6277"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-461"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Autonomy Keyview IDOL Multiple vulnerabilities in the library",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-005584"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-461"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.