CVE-2009-3032
Summary
| CVE | CVE-2009-3032 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2010-03-05 19:30:00 UTC |
| Updated | 2013-02-07 04:21:00 UTC |
| Description | Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow. |
Risk And Classification
Problem Types: CWE-189
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Lotus Notes | 8.5 | All | All | All |
| Application | Ibm | Lotus Notes | 8.5 | All | All | All |
| Application | Symantec | Brightmail Gateway | 8.0 | All | All | All |
| Application | Symantec | Brightmail Gateway | 8.0 | All | All | All |
| Application | Symantec | Data Loss Prevention Detection Servers | 10.0 | All | linux | All |
| Application | Symantec | Data Loss Prevention Detection Servers | 10.0 | All | windows | All |
| Application | Symantec | Data Loss Prevention Detection Servers | 8.1.1 | All | linux | All |
| Application | Symantec | Data Loss Prevention Detection Servers | 8.1.1 | All | windows | All |
| Application | Symantec | Data Loss Prevention Detection Servers | 9.0.1 | All | linux | All |
| Application | Symantec | Data Loss Prevention Detection Servers | 9.0.1 | All | windows | All |
| Application | Symantec | Data Loss Prevention Detection Servers | 10.0 | All | linux | All |
| Application | Symantec | Data Loss Prevention Detection Servers | 10.0 | All | windows | All |
| Application | Symantec | Data Loss Prevention Detection Servers | 8.1.1 | All | linux | All |
| Application | Symantec | Data Loss Prevention Detection Servers | 8.1.1 | All | windows | All |
| Application | Symantec | Data Loss Prevention Detection Servers | 9.0.1 | All | linux | All |
| Application | Symantec | Data Loss Prevention Detection Servers | 9.0.1 | All | windows | All |
| Application | Symantec | Data Loss Prevention Endpoint Agents | 10.0 | All | All | All |
| Application | Symantec | Data Loss Prevention Endpoint Agents | 8.1.1 | All | All | All |
| Application | Symantec | Data Loss Prevention Endpoint Agents | 9.0.1 | All | All | All |
| Application | Symantec | Data Loss Prevention Endpoint Agents | 10.0 | All | All | All |
| Application | Symantec | Data Loss Prevention Endpoint Agents | 8.1.1 | All | All | All |
| Application | Symantec | Data Loss Prevention Endpoint Agents | 9.0.1 | All | All | All |
| Application | Symantec | Im Manager 2007 | All | All | All | All |
| Application | Symantec | Im Manager 2007 | All | All | All | All |
| Application | Symantec | Mail Security | 5.0.0 | All | smtp | All |
| Application | Symantec | Mail Security | 5.0.1.181 | All | smtp | All |
| Application | Symantec | Mail Security | 5.0.1.182 | All | smtp | All |
| Application | Symantec | Mail Security | 5.0.1.189 | All | smtp | All |
| Application | Symantec | Mail Security | 5.0.11 | All | microsoft_exchange | All |
| Application | Symantec | Mail Security | 5.0.12 | All | microsoft_exchange | All |
| Application | Symantec | Mail Security | 5.0.13 | All | microsoft_exchange | All |
| Application | Symantec | Mail Security | 6.0.6 | All | microsoft_exchange | All |
| Application | Symantec | Mail Security | 6.0.7 | All | microsoft_exchange | All |
| Application | Symantec | Mail Security | 6.0.8 | All | microsoft_exchange | All |
| Application | Symantec | Mail Security | 7.5.3.25 | All | domino | All |
| Application | Symantec | Mail Security | 7.5.4.29 | All | domino | All |
| Application | Symantec | Mail Security | 7.5.5.32 | All | domino | All |
| Application | Symantec | Mail Security | 7.5.6 | All | domino | All |
| Application | Symantec | Mail Security | 7.5.7 | All | domino | All |
| Application | Symantec | Mail Security | 7.5.8 | All | domino | All |
| Application | Symantec | Mail Security | 8.0 | All | domino | All |
| Application | Symantec | Mail Security | 8.0.1 | All | domino | All |
| Application | Symantec | Mail Security | 8.0.2 | All | domino | All |
| Application | Symantec | Mail Security | 5.0.0 | All | smtp | All |
| Application | Symantec | Mail Security | 5.0.1.181 | All | smtp | All |
| Application | Symantec | Mail Security | 5.0.1.182 | All | smtp | All |
| Application | Symantec | Mail Security | 5.0.1.189 | All | smtp | All |
| Application | Symantec | Mail Security | 5.0.11 | All | microsoft_exchange | All |
| Application | Symantec | Mail Security | 5.0.12 | All | microsoft_exchange | All |
| Application | Symantec | Mail Security | 5.0.13 | All | microsoft_exchange | All |
| Application | Symantec | Mail Security | 6.0.6 | All | microsoft_exchange | All |
| Application | Symantec | Mail Security | 6.0.7 | All | microsoft_exchange | All |
| Application | Symantec | Mail Security | 6.0.8 | All | microsoft_exchange | All |
| Application | Symantec | Mail Security | 7.5.3.25 | All | domino | All |
| Application | Symantec | Mail Security | 7.5.4.29 | All | domino | All |
| Application | Symantec | Mail Security | 7.5.5.32 | All | domino | All |
| Application | Symantec | Mail Security | 7.5.6 | All | domino | All |
| Application | Symantec | Mail Security | 7.5.7 | All | domino | All |
| Application | Symantec | Mail Security | 7.5.8 | All | domino | All |
| Application | Symantec | Mail Security | 8.0 | All | domino | All |
| Application | Symantec | Mail Security | 8.0.1 | All | domino | All |
| Application | Symantec | Mail Security | 8.0.2 | All | domino | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM - (July 2010) Fixes for potential security vulnerabilities in Lotus Notes file viewers | CONFIRM | www-01.ibm.com | |
| Security Advisories Relating to Symantec Products - Multi-Vendor Autonomy KeyView Filter Module OLE Document Processing Overflow - March 4, 2010 | Symantec | CONFIRM | www.symantec.com | |
| Public Advisory: 03.04.10 // iDefense Labs | IDEFENSE | labs.idefense.com | Exploit |
| Autonomy KeyView Module OLE Processing Buffer Overflow Vulnerability | BID | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.