Vulnerability Name:

CVE-2005-2619 (CCN-24637)

Assigned:2005-12-31
Published:2005-12-31
Updated:2018-10-19
Summary:Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a .. (dot dot) in the filename, which is not properly handled when generating a preview.
CVSS v3 Severity:6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availability (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
6.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:C)
4.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availability (A): Complete
Vulnerability Type:CWE-22
Vulnerability Consequences:File Manipulation
References:Source: MITRE
Type: CNA
CVE-2005-2619

Source: CCN
Type: SA16100
Verity KeyView SDK Multiple Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
16100

Source: CCN
Type: SA16280
IBM Lotus Notes Multiple Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
16280

Source: MISC
Type: Vendor Advisory
http://secunia.com/secunia_research/2005-30/advisory/

Source: MISC
Type: Vendor Advisory
http://secunia.com/secunia_research/2005-66/advisory/

Source: CCN
Type: SECTRACK ID: 1015657
IBM Lotus Domino/Notes Archive Processing Buffer Overflow and Directory Traversal Bugs Let Remote Users Execute Arbitrary Code and Delete Files

Source: SECTRACK
Type: Patch
1015657

Source: CCN
Type: Lotus Support Services Technote 1229918
Potential Buffer Overflow and Directory Traversal Vulnerabilities in Lotus Notes File Viewers

Source: CONFIRM
Type: Patch
http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918

Source: CCN
Type: IBM Software Support Web site
Lotus Support

Source: OSVDB
Type: Patch
23066

Source: CCN
Type: OSVDB ID: 23066
Verity KeyView Viewer SDK kvarcve.dll Compressed File Preview Traversal Arbitrary File Deletion

Source: BUGTRAQ
Type: UNKNOWN
20060210 Secunia Research: Lotus Notes Multiple Archive Handling Directory Traversal

Source: BID
Type: UNKNOWN
16576

Source: CCN
Type: BID-16576
IBM Lotus Notes File Attachment Handling Multiple Remote Vulnerabilities

Source: CCN
Type: Verity Web site
Verity Products - Keyview

Source: VUPEN
Type: UNKNOWN
ADV-2006-0500

Source: XF
Type: UNKNOWN
lotus-kvarcve-directory-traversal(24637)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*
  • OR cpe:/a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*
  • OR cpe:/a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.5.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*
  • OR cpe:/a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*
  • OR cpe:/a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    autonomy keyview export sdk *
    autonomy keyview filter sdk *
    autonomy keyview viewer sdk *
    ibm lotus notes 6.0.1
    ibm lotus notes 6.0.2
    ibm lotus notes 6.0.3
    ibm lotus notes 6.0.4
    ibm lotus notes 6.0.5
    ibm lotus notes 6.5
    ibm lotus notes 6.5.1
    ibm lotus notes 6.5.2
    ibm lotus notes 6.5.3
    ibm lotus notes 6.5.4
    ibm lotus notes 7.0
    ibm lotus notes 6.0.1
    ibm lotus notes 6.0.3
    ibm lotus notes 6.5
    ibm lotus notes 6.0.2.2
    ibm lotus notes 6.0
    ibm lotus notes 6.5.3
    ibm lotus notes 6.5.2
    ibm lotus notes 6.5.1
    ibm lotus notes 6.5.3.1
    ibm lotus notes 6.0.4
    ibm lotus notes 7.0
    ibm lotus notes 6.0.5
    autonomy keyview export sdk *
    autonomy keyview filter sdk *
    autonomy keyview viewer sdk *