CVE-2010-1525 | Vulnerability Database | Aqua Security

Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted size for an unspecified record type, which triggers a heap-based buffer overflow.

Affected Software

Name	Vendor	Start Version	End Version
Keyview_export_sdk	Autonomy	10.4 (including)	10.4 (including)
Keyview_export_sdk	Autonomy	10.9 (including)	10.9 (including)
Keyview_filter_sdk	Autonomy	10.4 (including)	10.4 (including)
Keyview_filter_sdk	Autonomy	10.9 (including)	10.9 (including)
Keyview_viewer_sdk	Autonomy	10.4 (including)	10.4 (including)
Keyview_viewer_sdk	Autonomy	10.9 (including)	10.9 (including)

References

http://secunia.com/secunia_research/2010-49/
http://www-01.ibm.com/support/docview.wss?uid=swg21440812
http://www.securityfocus.com/bid/41928
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100727_01
http://secunia.com/secunia_research/2010-49/
http://www-01.ibm.com/support/docview.wss?uid=swg21440812
http://www.securityfocus.com/bid/41928
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100727_01

NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-1525
CWE	https://cwe.mitre.org/data/definitions/189.html