CVE-2010-0126

CWE-119 Buffer Overflow | 5 documents | 4 sources
Severity: 9.3 CRITICAL
EPSS: 4.6% (top 10.70%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Aug 17 | Latest update May 2

Description

Heap-based buffer overflow in an unspecified library in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via a crafted compound file, as demonstrated using a Quattro Pro file, which is not properly handled by the Quattro speed reader (qpssr.dll).

CVSS vector

AV:N/AC:M/C:C/I:C/A:C
Exploitability: 8.6 | Impact: 10.0

Affected Packages (3 packages)

NVD: autonomy/keyview_export_sdk 10.4, 10.9 (+1)
NVD: autonomy/keyview_filter_sdk 10.4, 10.9 (+1)
NVD: autonomy/keyview_viewer_sdk 10.4, 10.9 (+1)

🔴 Vulnerability Details (2)

GHSA: GHSA-mwwx-6vj5-5v8f: Heap-based buffer overflow in an unspecified library in Autonomy KeyView 10 (2022-05-02)
CVEList: CVE-2010-0126: Heap-based buffer overflow in an unspecified library in Autonomy KeyView 10 (2010-08-17)

💬 Community (2)

Bugzilla: CVE-2012-2124 squirrelmail: CVE-2010-2813 not fixed in RHSA-2012:0103 (2012-04-20)
Bugzilla: CVE-2009-3722 KVM: Check cpl before emulating debug register access (2009-10-29)