VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Dec 31, 2005· Updated Apr 16, 2026

CVE-2005-2619

CVE-2005-2619

Description

Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a .. (dot dot) in the filename, which is not properly handled when generating a preview.

Affected products

14
  • Autonomy Corporation/Keyview Export Sdk
    cpe:2.3:a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*
  • Autonomy Corporation/Keyview Filter Sdk
    cpe:2.3:a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*
  • Autonomy Corporation/Keyview Viewer Sdk
    cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*
  • IBM/Lotus Notes11 versions
    cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

11

News mentions

0

No linked articles in our index yet.