CVE-2009-3032

Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.

Published: Mar 5, 2010
Updated: Apr 13, 2023
CVE: CVE-2009-3032
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-189

Affected Software
References

Software	From	Fixed in
symantec / data_loss_prevention_detection_servers	9.0.1	9.0.1.x
symantec / mail_security	8.0.2	8.0.2.x
symantec / im_manager_2007	-	-
symantec / mail_security	6.0.7	6.0.7.x
symantec / mail_security	7.5.7	7.5.7.x
symantec / mail_security	6.0.6	6.0.6.x
ibm / lotus_notes	8.5	8.5.x
symantec / data_loss_prevention_detection_servers	10.0	10.0.x
symantec / mail_security	5.0.13	5.0.13.x
symantec / mail_security	8.0.1	8.0.1.x
symantec / data_loss_prevention_detection_servers	8.1.1	8.1.1.x
symantec / mail_security	7.5.6	7.5.6.x
symantec / mail_security	5.0.1.181	5.0.1.181.x
symantec / mail_security	7.5.3.25	7.5.3.25.x
symantec / mail_security	5.0.11	5.0.11.x
symantec / data_loss_prevention_endpoint_agents	9.0.1	9.0.1.x
symantec / mail_security	6.0.8	6.0.8.x
symantec / mail_security	5.0.12	5.0.12.x
symantec / brightmail_gateway	8.0	8.0.x
symantec / mail_security	5.0.1.182	5.0.1.182.x
symantec / data_loss_prevention_endpoint_agents	8.1.1	8.1.1.x
symantec / mail_security	7.5.5.32	7.5.5.32.x
symantec / mail_security	7.5.8	7.5.8.x
symantec / mail_security	5.0.1.189	5.0.1.189.x
symantec / mail_security	7.5.4.29	7.5.4.29.x
symantec / data_loss_prevention_endpoint_agents	10.0	10.0.x
symantec / mail_security	8.0	8.0.x
symantec / mail_security	5.0.0	5.0.0.x

Vulnerability Database

289,697

CVE-2009-3032