Description: Multiple vulnerabilities have been reported in Verity Keyview SDK, which potentially can be exploited by malicious people to compromise a user's system.
1) The vulnerabilities are caused due to various errors within the file viewers and can be exploited to cause buffer overflows by tricking a user into viewing a specially crafted file.
The following file viewers are affected:
* mifsr.dll
* awsr.dll
* kpagrdr.dll
* exesr.dll
* rtfsr.dll
* mwsr.dll
* wp6sr.dll
* lasr.dll
2) A boundary error in the EML file viewer (emlsr.dll) when parsing "Content-Type" tags can be exploited to cause a heap-based buffer overflow via a specially crafted EML file containing an overly long "Content-Type" string.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
Provided and/or discovered by: 1) Reported in IBM Lotus Notes advisories crediting:
* ZDI
* Tan Chew-Keong
2) Silently fixed in version 2.0.0.4 of emlsr.dll.
Changelog: 2007-10-30: Updated "Solution" section.
2007-11-05: Added information about emlsr.dll vulnerability.
2007-11-13: Added CVE reference.
2007-11-19: Added CVE reference.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
