CERTA-2010-AVI-111
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité dans un module tiers intégré dans certains produits Symantec, et concernant le traitement des documents utilisant la technologie OLE a été corrigée, et le module a été mis à jour.
Description
Une vulnérabilité dans le module tiers Autonomy KeyView Filter, intégré dans certains produits Symantec, et concernant le traitement des documents utilisant la technologie OLE, a été corrigée. La version à jour du module a été intégrée dans les dernières versions des produits Symantec.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Symantec | N/A | Symantec Data Loss Prevention Enforce/Detection Servers for Windows 8.1.1, 9.x, 10.0; | ||
| Symantec | N/A | Symantec IM Manager 2007 8.x. | ||
| Symantec | N/A | Symantec Data Loss Prevention Endpoint Agents 9.x ; | ||
| Symantec | N/A | Symantec Mail Security for SMTP (EOL) 5.0.x ; | ||
| Symantec | N/A | Symantec Data Loss Prevention Endpoint Agents 10.0 ; | ||
| Symantec | N/A | Symantec Mail Security for Domino 8.0.2, 8.0.1, 8.0, 7.5.8, 7.5.7, 7.5.6, 7.5.5.32, 7.5.4.29, 7.5.3.25 ; | ||
| Symantec | N/A | Symantec Data Loss Prevention Enforce/Detection Servers for Linux 8.1.1, 9.x, 10.0; | ||
| Symantec | N/A | Symantec Data Loss Prevention Enforce/Detection Servers 7.2 ; | ||
| Symantec | N/A | Symantec Data Loss Prevention Endpoint Agents 8.1.1 ; | ||
| Symantec | N/A | Symantec Mail Security for Microsoft Exchange 6.0.9, 6.0.8, 6.0.7, 6.0.6, 5.0.13, 5.0.12, 5.0.11, 5.0.10 ; | ||
| Symantec | N/A | Symantec BrightMail Gateway 8.0.0, 8.0.1, 8.0.2 ; |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Symantec Data Loss Prevention Enforce/Detection Servers for Windows 8.1.1, 9.x, 10.0;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec IM Manager 2007 8.x.",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Data Loss Prevention Endpoint Agents 9.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Mail Security for SMTP (EOL) 5.0.x ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Data Loss Prevention Endpoint Agents 10.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Mail Security for Domino 8.0.2, 8.0.1, 8.0, 7.5.8, 7.5.7, 7.5.6, 7.5.5.32, 7.5.4.29, 7.5.3.25 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Data Loss Prevention Enforce/Detection Servers for Linux 8.1.1, 9.x, 10.0;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Data Loss Prevention Enforce/Detection Servers 7.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Data Loss Prevention Endpoint Agents 8.1.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Mail Security for Microsoft Exchange 6.0.9, 6.0.8, 6.0.7, 6.0.6, 5.0.13, 5.0.12, 5.0.11, 5.0.10 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec BrightMail Gateway 8.0.0, 8.0.1, 8.0.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 dans le module tiers Autonomy KeyView Filter, int\u00e9gr\u00e9\ndans certains produits Symantec, et concernant le traitement des\ndocuments utilisant la technologie OLE, a \u00e9t\u00e9 corrig\u00e9e. La version \u00e0\njour du module a \u00e9t\u00e9 int\u00e9gr\u00e9e dans les derni\u00e8res versions des produits\nSymantec.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2009-3032",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3032"
}
],
"links": [],
"reference": "CERTA-2010-AVI-111",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2010-03-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans un module tiers int\u00e9gr\u00e9 dans certains produits\nSymantec, et concernant le traitement des documents utilisant la\ntechnologie OLE a \u00e9t\u00e9 corrig\u00e9e, et le module a \u00e9t\u00e9 mis \u00e0 jour.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans des produits Symantec",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Symantec SYM10-006 du 04 mars 2010",
"url": "http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisoryi\u0026suid=2010304_00"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…