CVE-2009-3032

EUVD-2009-3016
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
Affected Products (NVD)
VendorProductVersion
ibmlotus_notes
8.5
symantecbrightmail_gateway
8.0
symantecdata_loss_prevention_detection_servers
8.1.1
symantecdata_loss_prevention_detection_servers
8.1.1
symantecdata_loss_prevention_detection_servers
9.0.1
symantecdata_loss_prevention_detection_servers
9.0.1
symantecdata_loss_prevention_detection_servers
10.0
symantecdata_loss_prevention_detection_servers
10.0
symantecdata_loss_prevention_endpoint_agents
8.1.1
symantecdata_loss_prevention_endpoint_agents
9.0.1
symantecdata_loss_prevention_endpoint_agents
10.0
symantecim_manager_2007
*
symantecmail_security
5.0.0
symantecmail_security
5.0.1.181
symantecmail_security
5.0.1.182
symantecmail_security
5.0.1.189
symantecmail_security
5.0.11
symantecmail_security
5.0.12
symantecmail_security
5.0.13
symantecmail_security
6.0.6
symantecmail_security
6.0.7
symantecmail_security
6.0.8
symantecmail_security
7.5.3.25
symantecmail_security
7.5.4.29
symantecmail_security
7.5.5.32
symantecmail_security
7.5.6
symantecmail_security
7.5.7
symantecmail_security
7.5.8
symantecmail_security
8.0
symantecmail_security
8.0.1
symantecmail_security
8.0.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858
http://www-01.ibm.com/support/docview.wss?uid=swg21440812
http://www.securityfocus.com/bid/38468
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858
http://www-01.ibm.com/support/docview.wss?uid=swg21440812
http://www.securityfocus.com/bid/38468
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00