All the vulnerabilites related to symantec - data_loss_prevention_endpoint_agents
Vulnerability from fkie_nvd
Published
2009-09-01 16:30
Modified
2024-11-21 01:06
Severity ?
Summary
Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C43E91B-492D-42E0-9C59-3DA83AF7367B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C944AEC-18C2-487E-8E0F-EC525D21EDF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CA83054E-5E6B-48A4-8799-5C8507BFEB68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D7DEAC0E-C59B-42DB-BB81-E34C9F843486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8809E947-43E1-4D92-A5A5-63FEDBF12318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*",
"matchCriteriaId": "780C6EC1-11FD-458C-B59F-11668BA1E466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7F5626-EB8B-4339-9EB5-C23962DAC95A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB071DF-5C48-4FE8-8DCC-68582A3C1EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "CD51B7AD-1523-4BF4-8DFF-54D5F9A0E66A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp2:*:*:*:*:*",
"matchCriteriaId": "F8B5BF9A-F8A7-4C2B-B093-8226D0ED1425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp3:*:*:*:*:*",
"matchCriteriaId": "04CB50C2-2B01-4A68-BE96-1127B9954F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4598C4A8-B19D-4562-A5B5-D3B090F0C8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:fp2:*:*:*:*:*",
"matchCriteriaId": "66D334E1-9326-4D0A-8D87-572F3E6B44BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "957BA698-9D48-4906-9FF3-584927C978B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:fp1:*:*:*:*:*",
"matchCriteriaId": "5614CD60-7690-47E6-AEB3-FB0151EB264C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_appliance:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF63CB53-00F5-42F5-B2AC-A0B02DB9B636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_appliance:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA56769-FBFE-4546-8672-5FB3BADF939F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_appliance:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E09688-A7FA-496B-AA03-D211BF09FA23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34D947D4-2750-4C73-8CEA-6F9BF3DA5C0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "D804B423-8990-497F-9FB8-86E3D06F4F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "6A13CD3B-0529-43E4-A4F8-96B5180B0DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "5D92BC1D-E75F-420E-A2DB-DBFC07508A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "ED4D0804-7AE2-45D6-AAD5-F70C14354BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "14920820-3D26-4AC4-839E-531ABA6933A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA274AFE-D535-4683-964A-FBCBF2D1291E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "96E660E2-C0F9-499F-A01D-DB368179F28F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*",
"matchCriteriaId": "D602A441-863D-4E90-A01D-57C41725D008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.200:*:smtp:*:*:*:*:*",
"matchCriteriaId": "0117D61C-DEE6-4803-9CF8-27EEBAA493CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.10:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "5BF163AF-E470-492A-940C-B2FB37AA2322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "95D5B1CF-6C20-4D66-9D30-631441FA953B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.12:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "868EFAF0-F5FA-46EB-99CC-19C1DAF06954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.6:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "0026CDBB-92E2-45DE-9637-F18224CE3E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.7:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "12AC5934-DAC3-4866-B31F-71EC14F42CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.8:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "A7604B25-6AA0-4814-A8D4-780811A247B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*",
"matchCriteriaId": "07FADB30-A418-43C5-A798-4769C5350E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.4.29:*:domino:*:*:*:*:*",
"matchCriteriaId": "6EAB0E10-A62F-42DB-BA86-FBFCFCF0E13D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*",
"matchCriteriaId": "70F1A708-9914-4875-B594-D8A9D65182D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.6:*:domino:*:*:*:*:*",
"matchCriteriaId": "5D04308D-D372-4760-B67F-A25DEEDF52E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:8.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "2ABC5ED9-168A-4420-9286-179345BD89DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA92128-13DD-47D8-8822-23C4CDDFB715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "B00BFCE1-D01F-408C-931B-A19BC472124B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5F6573-0FF1-4660-A9B9-5C6696525C82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autonomy:keyview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A31DE25-F7B5-4AEA-B870-2B852F4FD8A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en xlssr.dll en Autonomy KeyView XLS viewer(tambi\u00e9n conocido como File Viewer para Excel)usado en IBM Lotus Notes v5.x hasta v8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), y otros productos, permite a atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de una manipulaci\u00f3n de la hoja de c\u00e1lculo .xls adjunta."
}
],
"id": "CVE-2009-3037",
"lastModified": "2024-11-21T01:06:22.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-09-01T16:30:00.767",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36472"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36474"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36042"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36124"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-03-05 19:30
Modified
2024-11-21 01:06
Severity ?
Summary
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_gateway:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EAF9163-1511-4424-8019-9868D0C4D0C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "D804B423-8990-497F-9FB8-86E3D06F4F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "6A13CD3B-0529-43E4-A4F8-96B5180B0DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "5D92BC1D-E75F-420E-A2DB-DBFC07508A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "ED4D0804-7AE2-45D6-AAD5-F70C14354BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "7A06E56E-5DE3-4EA2-90BC-366EBC4283A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:windows:*:*:*:*:*",
"matchCriteriaId": "F9EAB6C2-F8A1-42BD-A8C8-A8D7017606E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "14920820-3D26-4AC4-839E-531ABA6933A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA274AFE-D535-4683-964A-FBCBF2D1291E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA2A7B74-D51B-4A59-9A41-2963247C3C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:im_manager_2007:*:*:*:*:*:*:*:*",
"matchCriteriaId": "526474D6-9084-4F53-9172-8C9C7BB5FE01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*",
"matchCriteriaId": "D602A441-863D-4E90-A01D-57C41725D008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "95D5B1CF-6C20-4D66-9D30-631441FA953B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.12:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "868EFAF0-F5FA-46EB-99CC-19C1DAF06954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.13:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "16BE9C8A-A8AF-43FF-B4D9-07F57E226385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.6:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "0026CDBB-92E2-45DE-9637-F18224CE3E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.7:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "12AC5934-DAC3-4866-B31F-71EC14F42CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.8:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "A7604B25-6AA0-4814-A8D4-780811A247B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*",
"matchCriteriaId": "07FADB30-A418-43C5-A798-4769C5350E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.4.29:*:domino:*:*:*:*:*",
"matchCriteriaId": "6EAB0E10-A62F-42DB-BA86-FBFCFCF0E13D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*",
"matchCriteriaId": "70F1A708-9914-4875-B594-D8A9D65182D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.6:*:domino:*:*:*:*:*",
"matchCriteriaId": "5D04308D-D372-4760-B67F-A25DEEDF52E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.7:*:domino:*:*:*:*:*",
"matchCriteriaId": "F15656D0-F6A6-43EE-86AF-2263B49FFA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.8:*:domino:*:*:*:*:*",
"matchCriteriaId": "5E8F8098-9697-4536-B8C6-6224D9A1C6F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:8.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "2ABC5ED9-168A-4420-9286-179345BD89DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:8.0.1:*:domino:*:*:*:*:*",
"matchCriteriaId": "D6A7646A-74D8-4BA6-BE5C-06A55CB3CECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:8.0.2:*:domino:*:*:*:*:*",
"matchCriteriaId": "6193ECEF-1412-4887-98FD-F37122897AC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en kvolefio.dll v8.5.0.8339 y v10.5.0.0 en Autonomy KeyView Filter SDK, tal y como se utiliza en IBM Lotus Notes v8.5, Symantec Mail Security para Microsoft Exchange desde v5.0.10 hasta v5.0.13, y otros productos, permite a atacantes dependientes del contexto ejecutar codigo arbitrario a traves de documentos OLE que inicianun desbordamiento de memoria dinamica."
}
],
"id": "CVE-2009-3032",
"lastModified": "2024-11-21T01:06:21.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-03-05T19:30:00.313",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/38468"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-03-18 15:30
Modified
2024-11-21 00:51
Severity ?
Summary
Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B16D7CE-3770-46A6-BECA-76989E9639BE",
"versionEndIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB3799E-43FC-40AA-85EC-72D87962C95D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B92810D7-A5C2-4118-8B67-9E1A49C6C4D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:10:*:*:*:*:*:*:*",
"matchCriteriaId": "893D0CC9-971E-4C78-AD80-D004D8BB5F37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "15B8E1D9-ADF9-40B2-A652-53CDEF60FAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "177E8A5C-0812-47BC-9CFC-F8E25A0F42AB",
"versionEndIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E3B7CC-48D2-4EB0-A0D9-44AA6947CF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B90F221E-6C5A-4844-A098-53BE40E78A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4F4A68C-EF5D-41BB-A518-D277927D80D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6E0041-6647-4B04-B4C1-019E1F12E606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD370EEA-A33C-45B2-8FC6-C419AD6468E4",
"versionEndIncluding": "10.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE65E34-052C-4614-BA69-71D96EBC65E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8D56C0E-3403-4B91-A064-69E46770FBBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB6C6D0-0848-45D0-ACA7-03B46F42AE76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3E50CAF0-1F3A-4F57-A8DA-91B7840BBE3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp2:*:*:*:*:*",
"matchCriteriaId": "F8B5BF9A-F8A7-4C2B-B093-8226D0ED1425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp3:*:*:*:*:*",
"matchCriteriaId": "04CB50C2-2B01-4A68-BE96-1127B9954F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4598C4A8-B19D-4562-A5B5-D3B090F0C8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:fp2:*:*:*:*:*",
"matchCriteriaId": "66D334E1-9326-4D0A-8D87-572F3E6B44BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:fp1:*:*:*:*:*",
"matchCriteriaId": "5614CD60-7690-47E6-AEB3-FB0151EB264C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D6701EB-AF87-4B63-A8B5-AA27C28DFFB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail:5.0:*:appliance:*:*:*:*:*",
"matchCriteriaId": "E1BE16AC-118D-4BA0-AE37-3DB2E4E417DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F945149-43CC-4EAC-9A78-C6A3BA6FAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D42BEF4-9BB4-4CCF-9395-C306C3CEBB0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "DC2C0DBF-382C-4F96-8497-2FABD7CB67C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "42A91935-15AC-4F64-AD3D-EFAD08955562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37076C05-12CE-484C-AB10-711BABFF6992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A5F3BAC-B470-4FB7-88AF-47A33D46EF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enforce:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD0A99F-6B8A-4BB9-B8A7-40BB5D7B7CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enforce:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8960720-5DF0-4F4C-9603-09A85FAF843D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enforce:8.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "3E9D9CE3-109C-4035-9934-2B457268985D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enforce:8.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "E258E769-38CC-4E62-8158-3D549263ED1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:appliance:*:*:*:*:*",
"matchCriteriaId": "0648861C-A58E-4103-8720-4480C2F098FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C890707A-D2DF-403A-87CB-2AB01E85D8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0.24:*:appliance:*:*:*:*:*",
"matchCriteriaId": "977786AB-A76C-4A1C-8999-BF4A5E08F8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*",
"matchCriteriaId": "D602A441-863D-4E90-A01D-57C41725D008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.200:*:smtp:*:*:*:*:*",
"matchCriteriaId": "0117D61C-DEE6-4803-9CF8-27EEBAA493CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.10:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "5BF163AF-E470-492A-940C-B2FB37AA2322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "95D5B1CF-6C20-4D66-9D30-631441FA953B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.6:microsoft_exchange:*:*:*:*:*:*",
"matchCriteriaId": "5BBAE476-DB98-4464-81DF-8EC386E808B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.7:microsoft_exchange:*:*:*:*:*:*",
"matchCriteriaId": "225BA7A2-8C45-42F1-921B-105CF8F0F22A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5..4.29:*:domino:*:*:*:*:*",
"matchCriteriaId": "B1E6B709-B44B-47AC-A7FF-0C248D777D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*",
"matchCriteriaId": "07FADB30-A418-43C5-A798-4769C5350E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*",
"matchCriteriaId": "70F1A708-9914-4875-B594-D8A9D65182D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en wp6sr.dll en el Autonomy KeyView SDK 10.4 y anteriores, como es usado en IBM Lotus Notes, productos Symantec Mail Security (SMS), productos Symantec BrightMail Appliance y productos Symantec Data Loss Prevention (DLP) permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero Word Perfect Document (WPD) manipulado."
}
],
"id": "CVE-2008-4564",
"lastModified": "2024-11-21T00:51:59.427",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-03-18T15:30:00.267",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/52713"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34303"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34307"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34318"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34355"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1021856"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1021857"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/276563"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34086"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021859"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0744"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0756"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0757"
},
{
"source": "cve@mitre.org",
"url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/52713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34307"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1021856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1021857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/276563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34086"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021859"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0757"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2009-3032
Vulnerability from cvelistv5
Published
2010-03-05 19:00
Modified
2024-08-07 06:14
Severity ?
EPSS score ?
Summary
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00 | x_refsource_CONFIRM | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858 | third-party-advisory, x_refsource_IDEFENSE | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21440812 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/38468 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:14:56.444Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
},
{
"name": "20100304 Autonomy KeyView OLE Document Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"name": "38468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38468"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-20T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
},
{
"name": "20100304 Autonomy KeyView OLE Document Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"name": "38468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38468"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3032",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
},
{
"name": "20100304 Autonomy KeyView OLE Document Integer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"name": "38468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38468"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3032",
"datePublished": "2010-03-05T19:00:00",
"dateReserved": "2009-08-31T00:00:00",
"dateUpdated": "2024-08-07T06:14:56.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-4564
Vulnerability from cvelistv5
Published
2009-03-18 15:00
Modified
2024-08-07 10:24
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:24:18.984Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
},
{
"name": "ADV-2009-0744",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0744"
},
{
"name": "34303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34303"
},
{
"name": "1021859",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021859"
},
{
"name": "34307",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34307"
},
{
"name": "autonomy-keyview-wp6sr-bo(49284)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
},
{
"name": "34318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34318"
},
{
"name": "1021856",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021856"
},
{
"name": "1021857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021857"
},
{
"name": "VU#276563",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/276563"
},
{
"name": "ADV-2009-0756",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0756"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
},
{
"name": "34355",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34355"
},
{
"name": "52713",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52713"
},
{
"name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
},
{
"name": "34086",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34086"
},
{
"name": "ADV-2009-0757",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0757"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
},
{
"name": "ADV-2009-0744",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0744"
},
{
"name": "34303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34303"
},
{
"name": "1021859",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021859"
},
{
"name": "34307",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34307"
},
{
"name": "autonomy-keyview-wp6sr-bo(49284)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
},
{
"name": "34318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34318"
},
{
"name": "1021856",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021856"
},
{
"name": "1021857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021857"
},
{
"name": "VU#276563",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/276563"
},
{
"name": "ADV-2009-0756",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0756"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
},
{
"name": "34355",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34355"
},
{
"name": "52713",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52713"
},
{
"name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
},
{
"name": "34086",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34086"
},
{
"name": "ADV-2009-0757",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0757"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4564",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
},
{
"name": "ADV-2009-0744",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0744"
},
{
"name": "34303",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34303"
},
{
"name": "1021859",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021859"
},
{
"name": "34307",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34307"
},
{
"name": "autonomy-keyview-wp6sr-bo(49284)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
},
{
"name": "34318",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34318"
},
{
"name": "1021856",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021856"
},
{
"name": "1021857",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021857"
},
{
"name": "VU#276563",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/276563"
},
{
"name": "ADV-2009-0756",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0756"
},
{
"name": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html",
"refsource": "CONFIRM",
"url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
},
{
"name": "34355",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34355"
},
{
"name": "52713",
"refsource": "OSVDB",
"url": "http://osvdb.org/52713"
},
{
"name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
},
{
"name": "34086",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34086"
},
{
"name": "ADV-2009-0757",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0757"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4564",
"datePublished": "2009-03-18T15:00:00",
"dateReserved": "2008-10-14T00:00:00",
"dateUpdated": "2024-08-07T10:24:18.984Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-3037
Vulnerability from cvelistv5
Published
2009-09-01 16:00
Modified
2024-08-07 06:14
Severity ?
EPSS score ?
Summary
Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2009/2389 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/36042 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/36472 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/36474 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090825_00 | x_refsource_CONFIRM | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21396492 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/36124 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:14:55.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-2389",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"name": "36042",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36042"
},
{
"name": "36472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36472"
},
{
"name": "36474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36474"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"name": "36124",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-07T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-2389",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"name": "36042",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36042"
},
{
"name": "36472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36472"
},
{
"name": "36474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36474"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"name": "36124",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36124"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-2389",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"name": "36042",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36042"
},
{
"name": "36472",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36472"
},
{
"name": "36474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36474"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"name": "36124",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36124"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3037",
"datePublished": "2009-09-01T16:00:00",
"dateReserved": "2009-09-01T00:00:00",
"dateUpdated": "2024-08-07T06:14:55.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}