Detections
Analytics

CVE-2008-4564

high

Description

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/49284

https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html

http://www.vupen.com/english/advisories/2009/0757

http://www.vupen.com/english/advisories/2009/0756

http://www.vupen.com/english/advisories/2009/0744

http://www.symantec.com/avcenter/security/Content/2009.03.17a.html

http://www.securitytracker.com/id?1021859

http://www.securityfocus.com/bid/34086

http://www.kb.cert.org/vuls/id/276563

http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573

http://securitytracker.com/id?1021857

http://securitytracker.com/id?1021856

http://secunia.com/advisories/34355

http://secunia.com/advisories/34318

http://secunia.com/advisories/34307

http://secunia.com/advisories/34303

http://osvdb.org/52713

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774

Details

Source: Mitre, NVD

Published: 2009-03-18

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.06757