FKIE_CVE-2009-3032

Vulnerability from fkie_nvd - Published: 2010-03-05 19:30 - Updated: 2025-04-11 00:51
Severity ?
Summary
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.
References
cve@mitre.orghttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858Exploit
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21440812
cve@mitre.orghttp://www.securityfocus.com/bid/38468
cve@mitre.orghttp://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00
af854a3a-2127-422b-91ae-364da2661108http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858Exploit
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21440812
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/38468
af854a3a-2127-422b-91ae-364da2661108http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00
Impacted products
Vendor Product Version
ibm lotus_notes 8.5
symantec brightmail_gateway 8.0
symantec data_loss_prevention_detection_servers 8.1.1
symantec data_loss_prevention_detection_servers 8.1.1
symantec data_loss_prevention_detection_servers 9.0.1
symantec data_loss_prevention_detection_servers 9.0.1
symantec data_loss_prevention_detection_servers 10.0
symantec data_loss_prevention_detection_servers 10.0
symantec data_loss_prevention_endpoint_agents 8.1.1
symantec data_loss_prevention_endpoint_agents 9.0.1
symantec data_loss_prevention_endpoint_agents 10.0
symantec im_manager_2007 *
symantec mail_security 5.0.0
symantec mail_security 5.0.1.181
symantec mail_security 5.0.1.182
symantec mail_security 5.0.1.189
symantec mail_security 5.0.11
symantec mail_security 5.0.12
symantec mail_security 5.0.13
symantec mail_security 6.0.6
symantec mail_security 6.0.7
symantec mail_security 6.0.8
symantec mail_security 7.5.3.25
symantec mail_security 7.5.4.29
symantec mail_security 7.5.5.32
symantec mail_security 7.5.6
symantec mail_security 7.5.7
symantec mail_security 7.5.8
symantec mail_security 8.0
symantec mail_security 8.0.1
symantec mail_security 8.0.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:brightmail_gateway:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EAF9163-1511-4424-8019-9868D0C4D0C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "D804B423-8990-497F-9FB8-86E3D06F4F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "6A13CD3B-0529-43E4-A4F8-96B5180B0DA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "5D92BC1D-E75F-420E-A2DB-DBFC07508A2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "ED4D0804-7AE2-45D6-AAD5-F70C14354BBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "7A06E56E-5DE3-4EA2-90BC-366EBC4283A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:windows:*:*:*:*:*",
              "matchCriteriaId": "F9EAB6C2-F8A1-42BD-A8C8-A8D7017606E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "14920820-3D26-4AC4-839E-531ABA6933A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:9.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA274AFE-D535-4683-964A-FBCBF2D1291E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA2A7B74-D51B-4A59-9A41-2963247C3C39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:im_manager_2007:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "526474D6-9084-4F53-9172-8C9C7BB5FE01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "D602A441-863D-4E90-A01D-57C41725D008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "95D5B1CF-6C20-4D66-9D30-631441FA953B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.12:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "868EFAF0-F5FA-46EB-99CC-19C1DAF06954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.13:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "16BE9C8A-A8AF-43FF-B4D9-07F57E226385",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:6.0.6:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "0026CDBB-92E2-45DE-9637-F18224CE3E6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:6.0.7:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "12AC5934-DAC3-4866-B31F-71EC14F42CED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:6.0.8:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "A7604B25-6AA0-4814-A8D4-780811A247B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*",
              "matchCriteriaId": "07FADB30-A418-43C5-A798-4769C5350E7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.4.29:*:domino:*:*:*:*:*",
              "matchCriteriaId": "6EAB0E10-A62F-42DB-BA86-FBFCFCF0E13D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*",
              "matchCriteriaId": "70F1A708-9914-4875-B594-D8A9D65182D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.6:*:domino:*:*:*:*:*",
              "matchCriteriaId": "5D04308D-D372-4760-B67F-A25DEEDF52E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.7:*:domino:*:*:*:*:*",
              "matchCriteriaId": "F15656D0-F6A6-43EE-86AF-2263B49FFA75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.8:*:domino:*:*:*:*:*",
              "matchCriteriaId": "5E8F8098-9697-4536-B8C6-6224D9A1C6F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:8.0:*:domino:*:*:*:*:*",
              "matchCriteriaId": "2ABC5ED9-168A-4420-9286-179345BD89DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:8.0.1:*:domino:*:*:*:*:*",
              "matchCriteriaId": "D6A7646A-74D8-4BA6-BE5C-06A55CB3CECC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:8.0.2:*:domino:*:*:*:*:*",
              "matchCriteriaId": "6193ECEF-1412-4887-98FD-F37122897AC6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en kvolefio.dll v8.5.0.8339 y v10.5.0.0 en Autonomy KeyView Filter SDK, tal y como se utiliza en IBM Lotus Notes v8.5, Symantec Mail Security para Microsoft Exchange desde v5.0.10 hasta v5.0.13, y otros productos, permite a atacantes dependientes del contexto ejecutar codigo arbitrario a traves de documentos OLE que inicianun desbordamiento de memoria dinamica."
    }
  ],
  "id": "CVE-2009-3032",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-03-05T19:30:00.313",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/38468"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38468"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.