CVE-2009-3032: Buffer Overflow
First published: Fri Mar 05 2010(Updated: )
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Data Loss Prevention | =9.0.1 | |
| Symantec Mail Security | =8.0.2 | |
| Symantec Identity Manager | ||
| Symantec Mail Security | =6.0.7 | |
| Symantec Mail Security | =7.5.7 | |
| Symantec Mail Security | =6.0.6 | |
| IBM Lotus Notes | =8.5 | |
| Symantec Data Loss Prevention | =10.0 | |
| Symantec Mail Security | =5.0.13 | |
| Symantec Mail Security | =8.0.1 | |
| Symantec Data Loss Prevention | =8.1.1 | |
| Symantec Mail Security | =7.5.6 | |
| Symantec Mail Security | =5.0.1.181 | |
| Symantec Mail Security | =7.5.3.25 | |
| Symantec Mail Security | =5.0.11 | |
| Symantec Data Loss Prevention | =8.1.1 | |
| Symantec Data Loss Prevention | =10.0 | |
| Symantec Data Loss Prevention | =9.0.1 | |
| Symantec Mail Security | =6.0.8 | |
| Symantec Mail Security | =5.0.12 | |
| Symantec Brightmail Gateway | =8.0 | |
| Symantec Mail Security | =5.0.1.182 | |
| Symantec Data Loss Prevention | =8.1.1 | |
| Symantec Mail Security | =7.5.5.32 | |
| Symantec Mail Security | =7.5.8 | |
| Symantec Mail Security | =5.0.1.189 | |
| Symantec Mail Security | =7.5.4.29 | |
| Symantec Data Loss Prevention | =10.0 | |
| Symantec Mail Security | =8.0 | |
| Symantec Mail Security | =5.0.0 | |
| Symantec Data Loss Prevention | =9.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/38468
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858
- http://www-01.ibm.com/support/docview.wss?uid=swg21440812
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/symantec
- canonical/symantec data loss prevention
- version/symantec data loss prevention/9.0.1
- canonical/symantec mail security
- version/symantec mail security/8.0.2
- canonical/symantec identity manager
- version/symantec mail security/6.0.7
- version/symantec mail security/7.5.7
- version/symantec mail security/6.0.6
- vendor/ibm
- canonical/ibm lotus notes
- version/ibm lotus notes/8.5
- version/symantec data loss prevention/10.0
- version/symantec mail security/5.0.13
- version/symantec mail security/8.0.1
- version/symantec data loss prevention/8.1.1
- version/symantec mail security/7.5.6
- version/symantec mail security/5.0.1.181
- version/symantec mail security/7.5.3.25
- version/symantec mail security/5.0.11
- version/symantec mail security/6.0.8
- version/symantec mail security/5.0.12
- canonical/symantec brightmail gateway
- version/symantec brightmail gateway/8.0
- version/symantec mail security/5.0.1.182
- version/symantec mail security/7.5.5.32
- version/symantec mail security/7.5.8
- version/symantec mail security/5.0.1.189
- version/symantec mail security/7.5.4.29
- version/symantec mail security/8.0
- version/symantec mail security/5.0.0