Aggregates CVE and security vulnerability intelligence across all autonomy-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk buffer overflow and vendor risk path handling, with potential vendor impact application crash and vendor impact memory corruption across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2012-6349 | Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W. | [email protected] | 9.3 | 6.33% | 2013-07-18 | 2026-04-29 |
| CVE-2011-1512 | Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR. | [email protected] | 9.3 | 21.61% | 2011-05-31 | 2026-04-29 |
| CVE-2011-1218 | Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP. NOTE: some of these details are obtained from third party information. | [email protected] | 9.3 | 8.46% | 2011-05-31 | 2026-04-29 |
| CVE-2010-1525 | Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted size for an unspecified record type, which triggers a heap-based buffer overflow. | [email protected] | 9.3 | 2.58% | 2010-08-17 | 2026-04-29 |
| CVE-2010-1524 | The SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via unspecified vectors related to allocation of an array of pointers and "string indexing," which triggers memory corruption. | [email protected] | 9.3 | 2.50% | 2010-08-17 | 2026-04-29 |
| CVE-2010-0135 | Heap-based buffer overflow in the WordPerfect 5.x reader (wosr.dll), as used in Autonomy KeyView 10.4 and 10.9 and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to "data blocks." | [email protected] | 9.3 | 4.64% | 2010-08-17 | 2026-04-29 |
| CVE-2010-0134 | Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via a crafted \ls keyword in a list override table entry in an RTF file, which triggers a buffer overflow. | [email protected] | 9.3 | 4.34% | 2010-08-17 | 2026-04-29 |
| CVE-2010-0133 | Multiple stack-based buffer overflows in the SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allow remote attackers to execute arbitrary code via unspecified vectors related to "certain records." | [email protected] | 9.3 | 4.64% | 2010-08-17 | 2026-04-29 |
| CVE-2010-0131 | Stack-based buffer overflow in the SpreadSheet Lotus 123 reader (wkssr.dll), as used in Autonomy KeyView 10.4 and 10.9, Symantec Mail Security, and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to floating point conversion in unknown record types. | [email protected] | 9.3 | 6.06% | 2010-08-17 | 2026-04-29 |
| CVE-2010-0126 | Heap-based buffer overflow in an unspecified library in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via a crafted compound file, as demonstrated using a Quattro Pro file, which is not properly handled by the Quattro speed reader (qpssr.dll). | [email protected] | 9.3 | 4.64% | 2010-08-17 | 2026-04-29 |
| CVE-2009-3037 | Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment. | [email protected] | 9.3 | 18.49% | 2009-09-01 | 2026-04-23 |
| CVE-2008-4564 | Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file. | [email protected] | 9.3 | 50.83% | 2009-03-18 | 2026-04-23 |
| CVE-2009-0347 | Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultraseek search engine allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter. | [email protected] | 5.8 | 2.95% | 2009-01-29 | 2026-04-23 |
| CVE-2008-1718 | Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, as used in IBM Lotus Notes before 8.0, might allow user-assisted remote attackers to execute arbitrary code via an e-mail message with a crafted Text mail (MIME) attachment. | [email protected] | 9.3 | 6.50% | 2008-04-10 | 2026-04-23 |
| CVE-2008-1101 | Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document. | [email protected] | 9.3 | 23.46% | 2008-04-10 | 2026-04-23 |
| CVE-2008-0066 | Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) "large chunks of data," or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element. | [email protected] | 9.3 | 27.08% | 2008-04-10 | 2026-04-23 |
| CVE-2007-6020 | Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file. | [email protected] | 9.3 | 34.74% | 2008-04-10 | 2026-04-23 |
| CVE-2007-5406 | kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file. | [email protected] | 9.3 | 25.81% | 2008-04-10 | 2026-04-23 |
| CVE-2007-5405 | Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag. | [email protected] | 9.3 | 34.74% | 2008-04-10 | 2026-04-23 |
| CVE-2007-5399 | Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long (1) To, (2) Cc, (3) Bcc, (4) From, (5) Date, (6) Subject, (7) Priority, (8) Importance, or (9) X-MSMail-Priority header; (10) a long string at the beginning of an RFC2047 encoded-word in a header; (11) a long text string in an RFC2047 encoded-word in a header; or (12) a long Subject header, rela | [email protected] | 9.3 | 27.46% | 2008-04-10 | 2026-04-23 |