http://www.kb.cert.org/vuls/id/849841
Since CA DLP 14.0, Keyview has been a known vulnerability, and I have not seen any documentation from CA indicating that they have taken any positions, or have upgraded their licensed versions of kvoop for any future releases. Can anyone from CA post to prove that they are compliant with the latest patches to kvoop and are public ally compliant?
Me, personally, I have seen Kvoop just go crazy on policy engines, while choking on certain attachments.
I would appreciate any public information on to the current state of licensing and version information for current builds. It has been confirmed that 14.0+ was affected.
Beeks,
CA DataMinder Engineering are aware of this reported vulnerability.
CA will provide further feedback to the communities and user base when they have fully assessed the situation.
Regards
Andy Devine
Snr. Support Engineer