Unrated severityNVD Advisory· Published Apr 10, 2008· Updated Apr 23, 2026

CVE-2008-0066

Description

Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) "large chunks of data," or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element.

Affected products

Autonomy Corporation/Keyview
cpe:2.3:a:autonomy:keyview:*:*:*:*:*:*:*:*
IBM/Lotus Notes2 versions
cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/28140nvdVendor Advisory
secunia.com/advisories/28209nvdVendor Advisory
secunia.com/advisories/28210nvdVendor Advisory
secunia.com/secunia_research/2008-3/advisory/nvdVendor Advisory
www-1.ibm.com/support/docview.wssnvd
www.securityfocus.com/archive/1/490828/100/0/threadednvd
www.securityfocus.com/bid/28454nvd
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2008/1153nvd
www.vupen.com/english/advisories/2008/1156nvd
exchange.xforce.ibmcloud.com/vulnerabilities/41724nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.022
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000