Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-3037

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2009-3037
Last Modified 06 Feb 2013 11:21:29
Published 01 Sep 2009 12:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-3037

Summary

Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.

Vulnerable Systems

Application

  • Autonomy Keyview

  • Ibm Lotus Notes 5.0

  • Ibm Lotus Notes 5.0.1

  • Ibm Lotus Notes 5.0.10

  • Ibm Lotus Notes 5.0.11

  • Ibm Lotus Notes 5.0.12

  • Ibm Lotus Notes 5.0.2

  • Ibm Lotus Notes 5.0.3

  • Ibm Lotus Notes 5.0.4

  • Ibm Lotus Notes 5.0.5

  • Ibm Lotus Notes 5.0.6

  • Ibm Lotus Notes 5.0.9a

  • Ibm Lotus Notes 5.02

  • Ibm Lotus Notes 6.0

  • Ibm Lotus Notes 6.0.1

  • Ibm Lotus Notes 6.0.2

  • Ibm Lotus Notes 6.0.3

  • Ibm Lotus Notes 6.0.4

  • Ibm Lotus Notes 6.0.5

  • Ibm Lotus Notes 6.5

  • Ibm Lotus Notes 6.5.1

  • Ibm Lotus Notes 6.5.2

  • Ibm Lotus Notes 6.5.3

  • Ibm Lotus Notes 6.5.4

  • Ibm Lotus Notes 6.5.5

  • Ibm Lotus Notes 6.5.6

  • Ibm Lotus Notes 7.0

  • Ibm Lotus Notes 7.0.0

  • Ibm Lotus Notes 7.0.1

  • Ibm Lotus Notes 7.0.2

  • Ibm Lotus Notes 7.0.3

  • Ibm Lotus Notes 8.0

  • Ibm Lotus Notes 8.0.0

  • Ibm Lotus Notes 8.0.1

  • Ibm Lotus Notes 8.5

  • Symantec Brightmail Appliance 5.0

  • Symantec Brightmail Appliance 8.0.0

  • Symantec Brightmail Appliance 8.0.1

  • Symantec Data Loss Prevention Detection Servers 7.2

  • Symantec Data Loss Prevention Detection Servers 8.1.1

  • Symantec Data Loss Prevention Detection Servers 9.0.1

  • Symantec Data Loss Prevention Endpoint Agents 8.1.1

  • Symantec Data Loss Prevention Endpoint Agents 9.0.1

  • Symantec Mail Security 5.0

  • Symantec Mail Security 5.0.0

  • Symantec Mail Security 5.0.1

  • Symantec Mail Security 5.0.1.181

  • Symantec Mail Security 5.0.1.182

  • Symantec Mail Security 5.0.1.189

  • Symantec Mail Security 5.0.1.200

  • Symantec Mail Security 5.0.10

  • Symantec Mail Security 5.0.11

  • Symantec Mail Security 5.0.12

  • Symantec Mail Security 6.0.6

  • Symantec Mail Security 6.0.7

  • Symantec Mail Security 6.0.8

  • Symantec Mail Security 7.5.3.25

  • Symantec Mail Security 7.5.4.29

  • Symantec Mail Security 7.5.5.32

  • Symantec Mail Security 7.5.6

  • Symantec Mail Security 8.0

  • Symantec Mail Security Appliance 5.0

  • Symantec Mail Security Appliance 5.0.0.24

  • Symantec Mail Security Appliance 5.0.0.36


References

VUPEN - ADV-2009-2389

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21396492

CONFIRM - http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090825_00

BID - 36124

BID - 36042

SECUNIA - 36474

SECUNIA - 36472

CONFIRM - http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090825_00


Last Updated: 27 May 2016 11:01:48