Showing 1 - 1 of 1

CVE-2005-2619

Status Candidate

Overview

Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a .. (dot dot) in the filename, which is not properly handled when generating a preview.

Related Files

secunia-LotusTraverse.txt: Posted Feb 13, 2006; Authored by Carsten Eiram, Tan Chew Keong | Site secunia.com; Secunia Research has discovered a vulnerability in Lotus Notes, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to directory traversal errors in kvarcve.dll when generating the preview of a compressed file from ZIP, UUE and TAR archives. This can be exploited to delete arbitrary files that are accessible to the Notes user. Affected versions are Lotus Notes 6.5.4 and Lotus Notes 7.0.; tags | advisory, arbitrary, file inclusion; advisories | CVE-2005-2619; SHA-256 | a9bc2a3a0141f79688e6b766ca98f395753401a2d0e8795deb887ac34da40f1f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 202 files
Ubuntu 76 files
Debian 24 files
Ahmet Umit Bayram 6 files
Gentoo 5 files
Amit Roy 4 files
ron190 4 files
Furkan Eren Tetik 4 files
Google Security Research 3 files
Jann Horn 3 files

File Archives

Systems

AIX (429)
Apple (2,089)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,072)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,505)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,147)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (16,149)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,606)
UNIX (9,422)
UnixWare (187)
Windows (6,665)
Other

CVE-2005-2619

Overview

Related Files

File Archive:

June 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems