CVE-2010-0134

Severity CVSS v4.0:
Pending analysis
Type:
CWE-189 Numeric Errors
Publication date:
17/08/2010
Last modified:
11/04/2025

Description

Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via a crafted \ls keyword in a list override table entry in an RTF file, which triggers a buffer overflow.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:autonomy:keyview_export_sdk:10.4:*:*:*:*:*:*:*
cpe:2.3:a:autonomy:keyview_export_sdk:10.9:*:*:*:*:*:*:*
cpe:2.3:a:autonomy:keyview_filter_sdk:10.4:*:*:*:*:*:*:*
cpe:2.3:a:autonomy:keyview_filter_sdk:10.9:*:*:*:*:*:*:*
cpe:2.3:a:autonomy:keyview_viewer_sdk:10.4:*:*:*:*:*:*:*
cpe:2.3:a:autonomy:keyview_viewer_sdk:10.9:*:*:*:*:*:*:*