Showing 1 - 1 of 1

CVE-2005-2619

Status Candidate

Overview

Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a .. (dot dot) in the filename, which is not properly handled when generating a preview.

Related Files

secunia-LotusTraverse.txt: Posted Feb 13, 2006; Authored by Carsten Eiram, Tan Chew Keong | Site secunia.com; Secunia Research has discovered a vulnerability in Lotus Notes, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to directory traversal errors in kvarcve.dll when generating the preview of a compressed file from ZIP, UUE and TAR archives. This can be exploited to delete arbitrary files that are accessible to the Notes user. Affected versions are Lotus Notes 6.5.4 and Lotus Notes 7.0.; tags | advisory, arbitrary, file inclusion; advisories | CVE-2005-2619; SHA-256 | a9bc2a3a0141f79688e6b766ca98f395753401a2d0e8795deb887ac34da40f1f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 248 files
Ubuntu 87 files
Gentoo 31 files
Debian 19 files
tmrswrr 10 files
Sina Kheirkhah 7 files
Rodolfo Tavares 4 files
bRpsd 4 files
Google Security Research 3 files
jheysel-r7 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,080)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,409)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,312)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,667)
UNIX (9,427)
UnixWare (187)
Windows (6,666)
Other

CVE-2005-2619

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems