cvelistv5 - cve-2008-4564

CVE-2008-4564 (GCVE-0-2008-4564)

Vulnerability from cvelistv5

Published

2009-03-18 15:00

Modified

2024-08-07 10:24

Severity ?

CWE

Summary

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.

References

URL

Tags

	http://www.symantec.com/avcenter/security/Content/2009.03.17a.html	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/0744	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/34303	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id?1021859	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/34307	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/49284	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573	x_refsource_CONFIRM
	http://secunia.com/advisories/34318	third-party-advisory, x_refsource_SECUNIA
	http://securitytracker.com/id?1021856	vdb-entry, x_refsource_SECTRACK
	http://securitytracker.com/id?1021857	vdb-entry, x_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/276563	third-party-advisory, x_refsource_CERT-VN
	http://www.vupen.com/english/advisories/2009/0756	vdb-entry, x_refsource_VUPEN
	https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html	x_refsource_CONFIRM
	http://secunia.com/advisories/34355	third-party-advisory, x_refsource_SECUNIA
	http://osvdb.org/52713	vdb-entry, x_refsource_OSVDB
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774	third-party-advisory, x_refsource_IDEFENSE
	http://www.securityfocus.com/bid/34086	vdb-entry, x_refsource_BID
	http://www.vupen.com/english/advisories/2009/0757	vdb-entry, x_refsource_VUPEN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:24:18.984Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
          },
          {
            "name": "ADV-2009-0744",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0744"
          },
          {
            "name": "34303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34303"
          },
          {
            "name": "1021859",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1021859"
          },
          {
            "name": "34307",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34307"
          },
          {
            "name": "autonomy-keyview-wp6sr-bo(49284)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
          },
          {
            "name": "34318",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34318"
          },
          {
            "name": "1021856",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021856"
          },
          {
            "name": "1021857",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021857"
          },
          {
            "name": "VU#276563",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/276563"
          },
          {
            "name": "ADV-2009-0756",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0756"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
          },
          {
            "name": "34355",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34355"
          },
          {
            "name": "52713",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/52713"
          },
          {
            "name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
          },
          {
            "name": "34086",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34086"
          },
          {
            "name": "ADV-2009-0757",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0757"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-03-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
        },
        {
          "name": "ADV-2009-0744",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0744"
        },
        {
          "name": "34303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34303"
        },
        {
          "name": "1021859",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1021859"
        },
        {
          "name": "34307",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34307"
        },
        {
          "name": "autonomy-keyview-wp6sr-bo(49284)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
        },
        {
          "name": "34318",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34318"
        },
        {
          "name": "1021856",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021856"
        },
        {
          "name": "1021857",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021857"
        },
        {
          "name": "VU#276563",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/276563"
        },
        {
          "name": "ADV-2009-0756",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0756"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
        },
        {
          "name": "34355",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34355"
        },
        {
          "name": "52713",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/52713"
        },
        {
          "name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
        },
        {
          "name": "34086",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34086"
        },
        {
          "name": "ADV-2009-0757",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0757"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-4564",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
            },
            {
              "name": "ADV-2009-0744",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0744"
            },
            {
              "name": "34303",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34303"
            },
            {
              "name": "1021859",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1021859"
            },
            {
              "name": "34307",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34307"
            },
            {
              "name": "autonomy-keyview-wp6sr-bo(49284)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
            },
            {
              "name": "34318",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34318"
            },
            {
              "name": "1021856",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021856"
            },
            {
              "name": "1021857",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021857"
            },
            {
              "name": "VU#276563",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/276563"
            },
            {
              "name": "ADV-2009-0756",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0756"
            },
            {
              "name": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html",
              "refsource": "CONFIRM",
              "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
            },
            {
              "name": "34355",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34355"
            },
            {
              "name": "52713",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/52713"
            },
            {
              "name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
            },
            {
              "name": "34086",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34086"
            },
            {
              "name": "ADV-2009-0757",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0757"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-4564",
    "datePublished": "2009-03-18T15:00:00.000Z",
    "dateReserved": "2008-10-14T00:00:00.000Z",
    "dateUpdated": "2024-08-07T10:24:18.984Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2009-AVI-110

Vulnerability from certfr_avis

Une vulnérabililité a été identifiée dans l'application IBM Lotus Notes. Elle concerne l'affichage de documents de type WordPerfect. Cette vulnérabilité peut être exploitée à distance par une personne malveillante pour exécuter des commandes arbitraires sur le système.

Description

Une vulnérabililité a été identifiée dans l'application IBM Lotus Notes. Elle concerne l'affichage de documents de type WordPerfect qui s'appuie sur la bibliothèque wp6sr.dll (Autonomy KeyView). La vulnérabilité est semblable à celle mentionnée dans l'avis CERTA-2009-AVI-097 du 18 mars 2009.

Elle peut être exploitée à distance par une personne malveillante pour exécuter des commandes arbitraires sur le système.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	IBM Lotus Notes File Viewer, pour les versions 5.x, 6.5, 7.0 et 8.0.

References

Title

Publication Time

Tags

Publication IBM 1377573 du 17 mars 2009	None	vendor-advisory
Bulletin de sécurité IBM swg21377573 du 17 mars 2009 :	-	other
Bulletin de sécurité iDefense 774 du 17 mars 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM Lotus Notes File Viewer, pour les versions 5.x, 6.5, 7.0 et 8.0.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabililit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans l\u0027application IBM Lotus Notes.\nElle concerne l\u0027affichage de documents de type WordPerfect qui s\u0027appuie\nsur la biblioth\u00e8que wp6sr.dll (Autonomy KeyView). La vuln\u00e9rabilit\u00e9 est\nsemblable \u00e0 celle mentionn\u00e9e dans l\u0027avis CERTA-2009-AVI-097 du 18 mars\n2009.\n\nElle peut \u00eatre exploit\u00e9e \u00e0 distance par une personne malveillante pour\nex\u00e9cuter des commandes arbitraires sur le syst\u00e8me.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-4564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4564"
    }
  ],
  "initial_release_date": "2009-03-23T00:00:00",
  "last_revision_date": "2009-03-23T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg21377573 du 17 mars 2009 :",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21377573"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 iDefense 774 du 17 mars 2009 :",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
    }
  ],
  "reference": "CERTA-2009-AVI-110",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-03-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabililit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans l\u0027application IBM Lotus Notes.\nElle concerne l\u0027affichage de documents de type WordPerfect. Cette\nvuln\u00e9rabilit\u00e9 peut \u00eatre exploit\u00e9e \u00e0 distance par une personne\nmalveillante pour ex\u00e9cuter des commandes arbitraires sur le syst\u00e8me.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans IBM Lotus Notes",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Publication IBM 1377573 du 17 mars 2009",
      "url": null
    }
  ]
}

CERTA-2009-AVI-097

Vulnerability from certfr_avis

Une vulnérabilité dans un module tiers de certains produits Symantec permet une exécution de code arbitraire à distance.

Description

Une vulnérabilité a été découverte dans le module tiers Autonomy KeyView, inclus dans de nombreux produits Symantec. L'exploitation de cette vulnérabilité permet l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Symantec	N/A	Symantec Mail Security for SMTP versions 5.0.x ;
Symantec	N/A	Symantec Brightmail Appliance (sauf les versions 8.x) ;
Symantec	N/A	Symantec Mail Security Appliance/Symantec Brightmail Appliance versions 5.0.x et ultérieures ;
Symantec	N/A	Symantec Data Loss Prevention Endpoint Agents versions 8.0 et 8.1.x.
Symantec	N/A	Symantec Mail Security for Microsoft Exchange versions 5.0.10, 5.0.11, 6.0.6 et 6.0.7 ;
Symantec	N/A	Symantec Mail Security for Domino versions 7.5.3.25, 7.5.4.29 et 7.5.5.32 ;
Symantec	N/A	Symantec Data Loss Prevention Detection Servers/Enforce versions 7.x, 8.0 et 8.1.x ;

References

Title

Publication Time

Tags

Bulletin de sécurité Symantec SYM09-004 du 17 mars 2009

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Symantec Mail Security for SMTP versions 5.0.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Brightmail Appliance (sauf les versions 8.x) ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Mail Security Appliance/Symantec Brightmail Appliance versions 5.0.x et ult\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Data Loss Prevention Endpoint Agents versions 8.0 et 8.1.x.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Mail Security for Microsoft Exchange versions 5.0.10, 5.0.11, 6.0.6 et 6.0.7 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Mail Security for Domino versions 7.5.3.25, 7.5.4.29 et 7.5.5.32 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Data Loss Prevention Detection Servers/Enforce versions 7.x, 8.0 et 8.1.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le module tiers Autonomy\nKeyView, inclus dans de nombreux produits Symantec. L\u0027exploitation de\ncette vuln\u00e9rabilit\u00e9 permet l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-4564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4564"
    }
  ],
  "initial_release_date": "2009-03-18T00:00:00",
  "last_revision_date": "2009-03-18T00:00:00",
  "links": [],
  "reference": "CERTA-2009-AVI-097",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-03-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans un module tiers de certains produits \u003cspan\nclass=\"textit\"\u003eSymantec\u003c/span\u003e permet une ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans des produits Symantec",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Symantec SYM09-004 du 17 mars 2009",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2009.03.17a.html"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2008-4564 (GCVE-0-2008-4564)

Vulnerability from cvelistv5

CERTA-2009-AVI-110

Vulnerability from certfr_avis

Description

Solution

CERTA-2009-AVI-097

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature