PT-2010-1280 · Symantec+3 · Symantec Mail Security For Microsoft Exchange+3
Publicado
2010-03-05
·
Atualizado
2013-02-07
·
CVE-2009-3032
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Autonomy KeyView Filter SDK versions 8.5.0.8339 through 10.5.0.0
IBM Lotus Notes version 8.5
Symantec Mail Security for Microsoft Exchange versions 5.0.10 through 5.0.13
Description
The issue allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow due to an integer overflow in kvolefio.dll.
Recommendations
For Autonomy KeyView Filter SDK versions 8.5.0.8339 through 10.5.0.0, update to a version that fixes the integer overflow issue in kvolefio.dll.
For IBM Lotus Notes version 8.5, update to a version that includes a fixed Autonomy KeyView Filter SDK.
For Symantec Mail Security for Microsoft Exchange versions 5.0.10 through 5.0.13, update to a version that includes a fixed Autonomy KeyView Filter SDK.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Autonomy Keyview Filter Sdk
Ibm Lotus Notes
Exchange Server
Symantec Mail Security For Microsoft Exchange