Search criteria
3 vulnerabilities found for brightmail_appliance by symantec
FKIE_CVE-2009-3037
Vulnerability from fkie_nvd - Published: 2009-09-01 16:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C43E91B-492D-42E0-9C59-3DA83AF7367B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C944AEC-18C2-487E-8E0F-EC525D21EDF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CA83054E-5E6B-48A4-8799-5C8507BFEB68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D7DEAC0E-C59B-42DB-BB81-E34C9F843486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8809E947-43E1-4D92-A5A5-63FEDBF12318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*",
"matchCriteriaId": "780C6EC1-11FD-458C-B59F-11668BA1E466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7F5626-EB8B-4339-9EB5-C23962DAC95A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB071DF-5C48-4FE8-8DCC-68582A3C1EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "CD51B7AD-1523-4BF4-8DFF-54D5F9A0E66A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp2:*:*:*:*:*",
"matchCriteriaId": "F8B5BF9A-F8A7-4C2B-B093-8226D0ED1425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp3:*:*:*:*:*",
"matchCriteriaId": "04CB50C2-2B01-4A68-BE96-1127B9954F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4598C4A8-B19D-4562-A5B5-D3B090F0C8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:fp2:*:*:*:*:*",
"matchCriteriaId": "66D334E1-9326-4D0A-8D87-572F3E6B44BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "957BA698-9D48-4906-9FF3-584927C978B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:fp1:*:*:*:*:*",
"matchCriteriaId": "5614CD60-7690-47E6-AEB3-FB0151EB264C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_appliance:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF63CB53-00F5-42F5-B2AC-A0B02DB9B636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_appliance:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA56769-FBFE-4546-8672-5FB3BADF939F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_appliance:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E09688-A7FA-496B-AA03-D211BF09FA23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34D947D4-2750-4C73-8CEA-6F9BF3DA5C0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "D804B423-8990-497F-9FB8-86E3D06F4F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "6A13CD3B-0529-43E4-A4F8-96B5180B0DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "5D92BC1D-E75F-420E-A2DB-DBFC07508A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "ED4D0804-7AE2-45D6-AAD5-F70C14354BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "14920820-3D26-4AC4-839E-531ABA6933A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA274AFE-D535-4683-964A-FBCBF2D1291E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "96E660E2-C0F9-499F-A01D-DB368179F28F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*",
"matchCriteriaId": "D602A441-863D-4E90-A01D-57C41725D008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.200:*:smtp:*:*:*:*:*",
"matchCriteriaId": "0117D61C-DEE6-4803-9CF8-27EEBAA493CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.10:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "5BF163AF-E470-492A-940C-B2FB37AA2322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "95D5B1CF-6C20-4D66-9D30-631441FA953B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.12:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "868EFAF0-F5FA-46EB-99CC-19C1DAF06954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.6:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "0026CDBB-92E2-45DE-9637-F18224CE3E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.7:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "12AC5934-DAC3-4866-B31F-71EC14F42CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.8:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "A7604B25-6AA0-4814-A8D4-780811A247B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*",
"matchCriteriaId": "07FADB30-A418-43C5-A798-4769C5350E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.4.29:*:domino:*:*:*:*:*",
"matchCriteriaId": "6EAB0E10-A62F-42DB-BA86-FBFCFCF0E13D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*",
"matchCriteriaId": "70F1A708-9914-4875-B594-D8A9D65182D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.6:*:domino:*:*:*:*:*",
"matchCriteriaId": "5D04308D-D372-4760-B67F-A25DEEDF52E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:8.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "2ABC5ED9-168A-4420-9286-179345BD89DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA92128-13DD-47D8-8822-23C4CDDFB715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "B00BFCE1-D01F-408C-931B-A19BC472124B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5F6573-0FF1-4660-A9B9-5C6696525C82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autonomy:keyview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A31DE25-F7B5-4AEA-B870-2B852F4FD8A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en xlssr.dll en Autonomy KeyView XLS viewer(tambi\u00e9n conocido como File Viewer para Excel)usado en IBM Lotus Notes v5.x hasta v8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), y otros productos, permite a atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de una manipulaci\u00f3n de la hoja de c\u00e1lculo .xls adjunta."
}
],
"id": "CVE-2009-3037",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-09-01T16:30:00.767",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36472"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36474"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36042"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36124"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2009-3037 (GCVE-0-2009-3037)
Vulnerability from cvelistv5 – Published: 2009-09-01 16:00 – Updated: 2024-08-07 06:14
VLAI?
Summary
Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:14:55.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-2389",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"name": "36042",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36042"
},
{
"name": "36472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36472"
},
{
"name": "36474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36474"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"name": "36124",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-07T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-2389",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"name": "36042",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36042"
},
{
"name": "36472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36472"
},
{
"name": "36474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36474"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"name": "36124",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36124"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-2389",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"name": "36042",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36042"
},
{
"name": "36472",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36472"
},
{
"name": "36474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36474"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"name": "36124",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36124"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3037",
"datePublished": "2009-09-01T16:00:00",
"dateReserved": "2009-09-01T00:00:00",
"dateUpdated": "2024-08-07T06:14:55.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3037 (GCVE-0-2009-3037)
Vulnerability from nvd – Published: 2009-09-01 16:00 – Updated: 2024-08-07 06:14
VLAI?
Summary
Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:14:55.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-2389",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"name": "36042",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36042"
},
{
"name": "36472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36472"
},
{
"name": "36474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36474"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"name": "36124",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-07T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-2389",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"name": "36042",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36042"
},
{
"name": "36472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36472"
},
{
"name": "36474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36474"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"name": "36124",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36124"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-2389",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"name": "36042",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36042"
},
{
"name": "36472",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36472"
},
{
"name": "36474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36474"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"name": "36124",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36124"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3037",
"datePublished": "2009-09-01T16:00:00",
"dateReserved": "2009-09-01T00:00:00",
"dateUpdated": "2024-08-07T06:14:55.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}