CVE-2009-3037: Buffer Overflow
First published: Tue Sep 01 2009(Updated: )
Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Lotus Notes | =5.0 | |
| IBM Lotus Notes | =5.0.1 | |
| IBM Lotus Notes | =5.0.2 | |
| IBM Lotus Notes | =5.0.3 | |
| IBM Lotus Notes | =5.0.4 | |
| IBM Lotus Notes | =5.0.5 | |
| IBM Lotus Notes | =5.0.6 | |
| IBM Lotus Notes | =5.0.9a | |
| IBM Lotus Notes | =5.0.10 | |
| IBM Lotus Notes | =5.0.11 | |
| IBM Lotus Notes | =5.0.12 | |
| IBM Lotus Notes | =5.02 | |
| IBM Lotus Notes | =6.0 | |
| IBM Lotus Notes | =6.0.1 | |
| IBM Lotus Notes | =6.0.2 | |
| IBM Lotus Notes | =6.0.3 | |
| IBM Lotus Notes | =6.0.4 | |
| IBM Lotus Notes | =6.0.5 | |
| IBM Lotus Notes | =6.5 | |
| IBM Lotus Notes | =6.5.1 | |
| IBM Lotus Notes | =6.5.2 | |
| IBM Lotus Notes | =6.5.3 | |
| IBM Lotus Notes | =6.5.4 | |
| IBM Lotus Notes | =6.5.5 | |
| IBM Lotus Notes | =6.5.5 | |
| IBM Lotus Notes | =6.5.5 | |
| IBM Lotus Notes | =6.5.6 | |
| IBM Lotus Notes | =6.5.6 | |
| IBM Lotus Notes | =7.0 | |
| IBM Lotus Notes | =7.0.0 | |
| IBM Lotus Notes | =7.0.1 | |
| IBM Lotus Notes | =7.0.2 | |
| IBM Lotus Notes | =7.0.2 | |
| IBM Lotus Notes | =7.0.3 | |
| IBM Lotus Notes | =8.0 | |
| IBM Lotus Notes | =8.0.0 | |
| IBM Lotus Notes | =8.0.1 | |
| IBM Lotus Notes | =8.5 | |
| Symantec BrightMail Appliance | =5.0 | |
| Symantec BrightMail Appliance | =8.0.0 | |
| Symantec BrightMail Appliance | =8.0.1 | |
| Symantec Data Loss Prevention Detection Servers | =7.2 | |
| Symantec Data Loss Prevention Detection Servers | =8.1.1 | |
| Symantec Data Loss Prevention Detection Servers | =8.1.1 | |
| Symantec Data Loss Prevention Detection Servers | =9.0.1 | |
| Symantec Data Loss Prevention Detection Servers | =9.0.1 | |
| Symantec Data Loss Prevention Endpoint Agents | =8.1.1 | |
| Symantec Data Loss Prevention Endpoint Agents | =9.0.1 | |
| Symantec Mail Security | =5.0 | |
| Symantec Mail Security | =5.0.0 | |
| Symantec Mail Security | =5.0.1 | |
| Symantec Mail Security | =5.0.1.181 | |
| Symantec Mail Security | =5.0.1.182 | |
| Symantec Mail Security | =5.0.1.189 | |
| Symantec Mail Security | =5.0.1.200 | |
| Symantec Mail Security | =5.0.10 | |
| Symantec Mail Security | =5.0.11 | |
| Symantec Mail Security | =5.0.12 | |
| Symantec Mail Security | =6.0.6 | |
| Symantec Mail Security | =6.0.7 | |
| Symantec Mail Security | =6.0.8 | |
| Symantec Mail Security | =7.5.3.25 | |
| Symantec Mail Security | =7.5.4.29 | |
| Symantec Mail Security | =7.5.5.32 | |
| Symantec Mail Security | =7.5.6 | |
| Symantec Mail Security | =8.0 | |
| Symantec Mail Security Appliance | =5.0 | |
| Symantec Mail Security Appliance | =5.0.0.24 | |
| Symantec Mail Security Appliance | =5.0.0.36 | |
| Autonomy KeyView |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www-01.ibm.com/support/docview.wss?uid=swg21396492
- http://secunia.com/advisories/36474
- http://secunia.com/advisories/36472
- http://www.securityfocus.com/bid/36042
- http://www.securityfocus.com/bid/36124
- http://www.vupen.com/english/advisories/2009/2389
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090825_00
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/remedy
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm lotus notes
- version/ibm lotus notes/5.0
- version/ibm lotus notes/5.0.1
- version/ibm lotus notes/5.0.2
- version/ibm lotus notes/5.0.3
- version/ibm lotus notes/5.0.4
- version/ibm lotus notes/5.0.5
- version/ibm lotus notes/5.0.6
- version/ibm lotus notes/5.0.9a
- version/ibm lotus notes/5.0.10
- version/ibm lotus notes/5.0.11
- version/ibm lotus notes/5.0.12
- version/ibm lotus notes/5.02
- version/ibm lotus notes/6.0
- version/ibm lotus notes/6.0.1
- version/ibm lotus notes/6.0.2
- version/ibm lotus notes/6.0.3
- version/ibm lotus notes/6.0.4
- version/ibm lotus notes/6.0.5
- version/ibm lotus notes/6.5
- version/ibm lotus notes/6.5.1
- version/ibm lotus notes/6.5.2
- version/ibm lotus notes/6.5.3
- version/ibm lotus notes/6.5.4
- version/ibm lotus notes/6.5.5
- version/ibm lotus notes/6.5.6
- version/ibm lotus notes/7.0
- version/ibm lotus notes/7.0.0
- version/ibm lotus notes/7.0.1
- version/ibm lotus notes/7.0.2
- version/ibm lotus notes/7.0.3
- version/ibm lotus notes/8.0
- version/ibm lotus notes/8.0.0
- version/ibm lotus notes/8.0.1
- version/ibm lotus notes/8.5
- vendor/symantec
- canonical/symantec brightmail appliance
- version/symantec brightmail appliance/5.0
- version/symantec brightmail appliance/8.0.0
- version/symantec brightmail appliance/8.0.1
- canonical/symantec data loss prevention detection servers
- version/symantec data loss prevention detection servers/7.2
- version/symantec data loss prevention detection servers/8.1.1
- version/symantec data loss prevention detection servers/9.0.1
- canonical/symantec data loss prevention endpoint agents
- version/symantec data loss prevention endpoint agents/8.1.1
- version/symantec data loss prevention endpoint agents/9.0.1
- canonical/symantec mail security
- version/symantec mail security/5.0
- version/symantec mail security/5.0.0
- version/symantec mail security/5.0.1
- version/symantec mail security/5.0.1.181
- version/symantec mail security/5.0.1.182
- version/symantec mail security/5.0.1.189
- version/symantec mail security/5.0.1.200
- version/symantec mail security/5.0.10
- version/symantec mail security/5.0.11
- version/symantec mail security/5.0.12
- version/symantec mail security/6.0.6
- version/symantec mail security/6.0.7
- version/symantec mail security/6.0.8
- version/symantec mail security/7.5.3.25
- version/symantec mail security/7.5.4.29
- version/symantec mail security/7.5.5.32
- version/symantec mail security/7.5.6
- version/symantec mail security/8.0
- canonical/symantec mail security appliance
- version/symantec mail security appliance/5.0
- version/symantec mail security appliance/5.0.0.24
- version/symantec mail security appliance/5.0.0.36
- vendor/autonomy
- canonical/autonomy keyview