Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2009-3032

Published: Mar 05, 2010 | Modified: Feb 07, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2009-3032
CWEhttps://cwe.mitre.org/data/definitions/189.html

Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.

Affected Software

Name Vendor Start Version End Version
Lotus_notes Ibm 8.5 (including) 8.5 (including)
Brightmail_gateway Symantec 8.0 (including) 8.0 (including)
Data_loss_prevention_detection_servers Symantec 8.1.1 (including) 8.1.1 (including)
Data_loss_prevention_detection_servers Symantec 9.0.1 (including) 9.0.1 (including)
Data_loss_prevention_detection_servers Symantec 10.0 (including) 10.0 (including)
Data_loss_prevention_endpoint_agents Symantec 8.1.1 (including) 8.1.1 (including)
Data_loss_prevention_endpoint_agents Symantec 9.0.1 (including) 9.0.1 (including)
Data_loss_prevention_endpoint_agents Symantec 10.0 (including) 10.0 (including)
Im_manager_2007 Symantec * *
Mail_security Symantec 5.0.0 (including) 5.0.0 (including)
Mail_security Symantec 5.0.1.181 (including) 5.0.1.181 (including)
Mail_security Symantec 5.0.1.182 (including) 5.0.1.182 (including)
Mail_security Symantec 5.0.1.189 (including) 5.0.1.189 (including)
Mail_security Symantec 5.0.11 (including) 5.0.11 (including)
Mail_security Symantec 5.0.12 (including) 5.0.12 (including)
Mail_security Symantec 5.0.13 (including) 5.0.13 (including)
Mail_security Symantec 6.0.6 (including) 6.0.6 (including)
Mail_security Symantec 6.0.7 (including) 6.0.7 (including)
Mail_security Symantec 6.0.8 (including) 6.0.8 (including)
Mail_security Symantec 7.5.3.25 (including) 7.5.3.25 (including)
Mail_security Symantec 7.5.4.29 (including) 7.5.4.29 (including)
Mail_security Symantec 7.5.5.32 (including) 7.5.5.32 (including)
Mail_security Symantec 7.5.6 (including) 7.5.6 (including)
Mail_security Symantec 7.5.7 (including) 7.5.7 (including)
Mail_security Symantec 7.5.8 (including) 7.5.8 (including)
Mail_security Symantec 8.0 (including) 8.0 (including)
Mail_security Symantec 8.0.1 (including) 8.0.1 (including)
Mail_security Symantec 8.0.2 (including) 8.0.2 (including)

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use