{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-03-04T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2010-08-20T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00"}, {"name": "20100304 Autonomy KeyView OLE Document Integer Overflow Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"}, {"name": "38468", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/38468"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-3032", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00", "refsource": "CONFIRM", "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00"}, {"name": "20100304 Autonomy KeyView OLE Document Integer Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"}, {"name": "38468", "refsource": "BID", "url": "http://www.securityfocus.com/bid/38468"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T06:14:56.444Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00"}, {"name": "20100304 Autonomy KeyView OLE Document Integer Overflow Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"}, {"name": "38468", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/38468"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-3032", "datePublished": "2010-03-05T19:00:00", "dateReserved": "2009-08-31T00:00:00", "dateUpdated": "2024-08-07T06:14:56.444Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*", "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:brightmail_gateway:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "8EAF9163-1511-4424-8019-9868D0C4D0C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:linux:*:*:*:*:*", "matchCriteriaId": "D804B423-8990-497F-9FB8-86E3D06F4F70", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:windows:*:*:*:*:*", "matchCriteriaId": "6A13CD3B-0529-43E4-A4F8-96B5180B0DA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:linux:*:*:*:*:*", "matchCriteriaId": "5D92BC1D-E75F-420E-A2DB-DBFC07508A2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:windows:*:*:*:*:*", "matchCriteriaId": "ED4D0804-7AE2-45D6-AAD5-F70C14354BBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:linux:*:*:*:*:*", "matchCriteriaId": "7A06E56E-5DE3-4EA2-90BC-366EBC4283A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:windows:*:*:*:*:*", "matchCriteriaId": "F9EAB6C2-F8A1-42BD-A8C8-A8D7017606E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "14920820-3D26-4AC4-839E-531ABA6933A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:9.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "EA274AFE-D535-4683-964A-FBCBF2D1291E", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "CA2A7B74-D51B-4A59-9A41-2963247C3C39", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:im_manager_2007:*:*:*:*:*:*:*:*", "matchCriteriaId": "526474D6-9084-4F53-9172-8C9C7BB5FE01", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*", "matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*", "matchCriteriaId": "D602A441-863D-4E90-A01D-57C41725D008", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*", "matchCriteriaId": "A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*", "matchCriteriaId": "5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*", "matchCriteriaId": "95D5B1CF-6C20-4D66-9D30-631441FA953B", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:5.0.12:*:microsoft_exchange:*:*:*:*:*", "matchCriteriaId": "868EFAF0-F5FA-46EB-99CC-19C1DAF06954", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:5.0.13:*:microsoft_exchange:*:*:*:*:*", "matchCriteriaId": "16BE9C8A-A8AF-43FF-B4D9-07F57E226385", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:6.0.6:*:microsoft_exchange:*:*:*:*:*", "matchCriteriaId": "0026CDBB-92E2-45DE-9637-F18224CE3E6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:6.0.7:*:microsoft_exchange:*:*:*:*:*", "matchCriteriaId": "12AC5934-DAC3-4866-B31F-71EC14F42CED", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:6.0.8:*:microsoft_exchange:*:*:*:*:*", "matchCriteriaId": "A7604B25-6AA0-4814-A8D4-780811A247B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*", "matchCriteriaId": "07FADB30-A418-43C5-A798-4769C5350E7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:7.5.4.29:*:domino:*:*:*:*:*", "matchCriteriaId": "6EAB0E10-A62F-42DB-BA86-FBFCFCF0E13D", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*", "matchCriteriaId": "70F1A708-9914-4875-B594-D8A9D65182D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:7.5.6:*:domino:*:*:*:*:*", "matchCriteriaId": "5D04308D-D372-4760-B67F-A25DEEDF52E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:7.5.7:*:domino:*:*:*:*:*", "matchCriteriaId": "F15656D0-F6A6-43EE-86AF-2263B49FFA75", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:7.5.8:*:domino:*:*:*:*:*", "matchCriteriaId": "5E8F8098-9697-4536-B8C6-6224D9A1C6F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:8.0:*:domino:*:*:*:*:*", "matchCriteriaId": "2ABC5ED9-168A-4420-9286-179345BD89DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:8.0.1:*:domino:*:*:*:*:*", "matchCriteriaId": "D6A7646A-74D8-4BA6-BE5C-06A55CB3CECC", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:mail_security:8.0.2:*:domino:*:*:*:*:*", "matchCriteriaId": "6193ECEF-1412-4887-98FD-F37122897AC6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."}, {"lang": "es", "value": "Desbordamiento de entero en kvolefio.dll v8.5.0.8339 y v10.5.0.0 en Autonomy KeyView Filter SDK, tal y como se utiliza en IBM Lotus Notes v8.5, Symantec Mail Security para Microsoft Exchange desde v5.0.10 hasta v5.0.13, y otros productos, permite a atacantes dependientes del contexto ejecutar codigo arbitrario a traves de documentos OLE que inicianun desbordamiento de memoria dinamica."}], "id": "CVE-2009-3032", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-03-05T19:30:00.313", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"}, {"source": "cve@mitre.org", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/38468"}, {"source": "cve@mitre.org", "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/38468"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}