CVE-2007-6593

Autonomy KeyView SDK - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6593. PoCs published by Sebastian.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Autonomy KeyView by crafting a malicious file with a structured payload. It includes a NOP sled, a jump instruction, and a placeholder for shellcode, designed to achieve arbitrary code execution.

Description

Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Sebastian · pythonremotewindows

https://www.exploit-db.com/exploits/30816

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Autonomy KeyView by crafting a malicious file with a structured payload. It includes a NOP sled, a jump instruction, and a placeholder for shellcode, designed to achieve arbitrary code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Autonomy KeyView (multiple versions)

No auth needed

Prerequisites: Vulnerable version of Autonomy KeyView · Ability to deliver the malicious file to the target

MITRE ATT&CK