Lucene search

MitreCVE-2009-3032

HistoryMar 05, 2010 - 7:30 p.m.

CVE-2009-3032

2010-03-0519:30:00

CWE-189

mitre

web.nvd.nist.gov

cve-2009-3032

integer overflow

autonomy keyview filter sdk

ibm lotus notes

symantec mail security

ole document

buffer overflow

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.004

Percentile

75.2%

JSON

Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.

Affected configurations

Nvd

Node

ibmlotus_notesMatch8.5

symantecbrightmail_gatewayMatch8.0

symantecdata_loss_prevention_detection_serversMatch8.1.1linux

symantecdata_loss_prevention_detection_serversMatch8.1.1windows

symantecdata_loss_prevention_detection_serversMatch9.0.1linux

symantecdata_loss_prevention_detection_serversMatch9.0.1windows

symantecdata_loss_prevention_detection_serversMatch10.0linux

symantecdata_loss_prevention_detection_serversMatch10.0windows

symantecdata_loss_prevention_endpoint_agentsMatch8.1.1

symantecdata_loss_prevention_endpoint_agentsMatch9.0.1

symantecdata_loss_prevention_endpoint_agentsMatch10.0

symantecim_manager_2007

symantecmail_securityMatch5.0.0smtp

symantecmail_securityMatch5.0.1.181smtp

symantecmail_securityMatch5.0.1.182smtp

symantecmail_securityMatch5.0.1.189smtp

symantecmail_securityMatch5.0.11microsoft_exchange

symantecmail_securityMatch5.0.12microsoft_exchange

symantecmail_securityMatch5.0.13microsoft_exchange

symantecmail_securityMatch6.0.6microsoft_exchange

symantecmail_securityMatch6.0.7microsoft_exchange

symantecmail_securityMatch6.0.8microsoft_exchange

symantecmail_securityMatch7.5.3.25domino

symantecmail_securityMatch7.5.4.29domino

symantecmail_securityMatch7.5.5.32domino

symantecmail_securityMatch7.5.6domino

symantecmail_securityMatch7.5.7domino

symantecmail_securityMatch7.5.8domino

symantecmail_securityMatch8.0domino

symantecmail_securityMatch8.0.1domino

symantecmail_securityMatch8.0.2domino

VendorProductVersionCPE
ibmlotus_notes8.5cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*
symantecbrightmail_gateway8.0cpe:2.3:a:symantec:brightmail_gateway:8.0:*:*:*:*:*:*:*
symantecdata_loss_prevention_detection_servers8.1.1cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:linux:*:*:*:*:*
symantecdata_loss_prevention_detection_servers8.1.1cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:windows:*:*:*:*:*
symantecdata_loss_prevention_detection_servers9.0.1cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:linux:*:*:*:*:*
symantecdata_loss_prevention_detection_servers9.0.1cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:windows:*:*:*:*:*
symantecdata_loss_prevention_detection_servers10.0cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:linux:*:*:*:*:*
symantecdata_loss_prevention_detection_servers10.0cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:windows:*:*:*:*:*
symantecdata_loss_prevention_endpoint_agents8.1.1cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:*:*:*:*:*:*:*
symantecdata_loss_prevention_endpoint_agents9.0.1cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:9.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	lotus_notes	8.5	cpe:2.3:a:ibm:lotus_notes:8.5:::::::*
symantec	brightmail_gateway	8.0	cpe:2.3:a:symantec:brightmail_gateway:8.0:::::::*
symantec	data_loss_prevention_detection_servers	8.1.1	cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1::linux:::::
symantec	data_loss_prevention_detection_servers	8.1.1	cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1::windows:::::
symantec	data_loss_prevention_detection_servers	9.0.1	cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1::linux:::::
symantec	data_loss_prevention_detection_servers	9.0.1	cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1::windows:::::
symantec	data_loss_prevention_detection_servers	10.0	cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0::linux:::::
symantec	data_loss_prevention_detection_servers	10.0	cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0::windows:::::
symantec	data_loss_prevention_endpoint_agents	8.1.1	cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:::::::*
symantec	data_loss_prevention_endpoint_agents	9.0.1	cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:9.0.1:::::::*