CVE-2010-1524

The SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via unspecified vectors related to allocation of an array of pointers and "string indexing," which triggers memory corruption.

Published: Aug 17, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-1524
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
autonomy / keyview_filter_sdk	10.9	10.9.x
autonomy / keyview_viewer_sdk	10.4	10.4.x
autonomy / keyview_filter_sdk	10.4	10.4.x
autonomy / keyview_export_sdk	10.4	10.4.x
autonomy / keyview_export_sdk	10.9	10.9.x
autonomy / keyview_viewer_sdk	10.9	10.9.x

http://secunia.com/secunia_research/2010-35/
http://www-01.ibm.com/support/docview.wss?uid=swg21440812
http://www.securityfocus.com/bid/41928
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100727_01

Vulnerability Database

289,697

CVE-2010-1524