Vulnerabilites related to symantec - brightmail_appliance
CVE-2009-3037 (GCVE-0-2009-3037)
Vulnerability from cvelistv5
Published
2009-09-01 16:00
Modified
2024-08-07 06:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:14:55.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-2389",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"name": "36042",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36042"
},
{
"name": "36472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36472"
},
{
"name": "36474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36474"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"name": "36124",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-07T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-2389",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"name": "36042",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36042"
},
{
"name": "36472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36472"
},
{
"name": "36474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36474"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"name": "36124",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36124"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-2389",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"name": "36042",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36042"
},
{
"name": "36472",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36472"
},
{
"name": "36474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36474"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"name": "36124",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36124"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3037",
"datePublished": "2009-09-01T16:00:00",
"dateReserved": "2009-09-01T00:00:00",
"dateUpdated": "2024-08-07T06:14:55.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2009-09-01 16:30
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C43E91B-492D-42E0-9C59-3DA83AF7367B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C944AEC-18C2-487E-8E0F-EC525D21EDF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CA83054E-5E6B-48A4-8799-5C8507BFEB68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D7DEAC0E-C59B-42DB-BB81-E34C9F843486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8809E947-43E1-4D92-A5A5-63FEDBF12318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*",
"matchCriteriaId": "780C6EC1-11FD-458C-B59F-11668BA1E466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7F5626-EB8B-4339-9EB5-C23962DAC95A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB071DF-5C48-4FE8-8DCC-68582A3C1EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "CD51B7AD-1523-4BF4-8DFF-54D5F9A0E66A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp2:*:*:*:*:*",
"matchCriteriaId": "F8B5BF9A-F8A7-4C2B-B093-8226D0ED1425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp3:*:*:*:*:*",
"matchCriteriaId": "04CB50C2-2B01-4A68-BE96-1127B9954F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4598C4A8-B19D-4562-A5B5-D3B090F0C8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:fp2:*:*:*:*:*",
"matchCriteriaId": "66D334E1-9326-4D0A-8D87-572F3E6B44BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "957BA698-9D48-4906-9FF3-584927C978B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:fp1:*:*:*:*:*",
"matchCriteriaId": "5614CD60-7690-47E6-AEB3-FB0151EB264C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_appliance:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF63CB53-00F5-42F5-B2AC-A0B02DB9B636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_appliance:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA56769-FBFE-4546-8672-5FB3BADF939F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_appliance:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E09688-A7FA-496B-AA03-D211BF09FA23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34D947D4-2750-4C73-8CEA-6F9BF3DA5C0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "D804B423-8990-497F-9FB8-86E3D06F4F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "6A13CD3B-0529-43E4-A4F8-96B5180B0DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "5D92BC1D-E75F-420E-A2DB-DBFC07508A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "ED4D0804-7AE2-45D6-AAD5-F70C14354BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "14920820-3D26-4AC4-839E-531ABA6933A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA274AFE-D535-4683-964A-FBCBF2D1291E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "96E660E2-C0F9-499F-A01D-DB368179F28F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*",
"matchCriteriaId": "D602A441-863D-4E90-A01D-57C41725D008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.200:*:smtp:*:*:*:*:*",
"matchCriteriaId": "0117D61C-DEE6-4803-9CF8-27EEBAA493CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.10:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "5BF163AF-E470-492A-940C-B2FB37AA2322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "95D5B1CF-6C20-4D66-9D30-631441FA953B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.12:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "868EFAF0-F5FA-46EB-99CC-19C1DAF06954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.6:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "0026CDBB-92E2-45DE-9637-F18224CE3E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.7:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "12AC5934-DAC3-4866-B31F-71EC14F42CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.8:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "A7604B25-6AA0-4814-A8D4-780811A247B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*",
"matchCriteriaId": "07FADB30-A418-43C5-A798-4769C5350E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.4.29:*:domino:*:*:*:*:*",
"matchCriteriaId": "6EAB0E10-A62F-42DB-BA86-FBFCFCF0E13D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*",
"matchCriteriaId": "70F1A708-9914-4875-B594-D8A9D65182D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.6:*:domino:*:*:*:*:*",
"matchCriteriaId": "5D04308D-D372-4760-B67F-A25DEEDF52E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:8.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "2ABC5ED9-168A-4420-9286-179345BD89DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA92128-13DD-47D8-8822-23C4CDDFB715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "B00BFCE1-D01F-408C-931B-A19BC472124B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0.0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "3A5F6573-0FF1-4660-A9B9-5C6696525C82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autonomy:keyview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A31DE25-F7B5-4AEA-B870-2B852F4FD8A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en xlssr.dll en Autonomy KeyView XLS viewer(tambi\u00e9n conocido como File Viewer para Excel)usado en IBM Lotus Notes v5.x hasta v8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), y otros productos, permite a atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de una manipulaci\u00f3n de la hoja de c\u00e1lculo .xls adjunta."
}
],
"id": "CVE-2009-3037",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-09-01T16:30:00.767",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36472"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36474"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36042"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36124"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2389"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}