CVSS: 10.0EPSS: 0%CPEs: 31EXPL: 1CVE-2009-3032
https://notcve.org/view.php?id=CVE-2009-3032
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow. Desbordamiento de entero en kvolefio.dll v8.5.0.8339 y v10.5.0.0 en Autonomy KeyView Filter SDK, tal y como se utiliza en IBM Lotus Notes v8.5, Symantec Mail Security para Microsoft Exchange desde v5.0.10 hasta v5.0.13, y otros productos, permite a atacantes dependientes del contexto ejecutar codigo arbitrario a traves de documentos OLE que inicianun desbordamiento de memoria dinamica. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858 http://www-01.ibm.com/support/docview.wss?uid=swg21440812 http://www.securityfocus.com/bid/38468 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 34%CPEs: 70EXPL: 0CVE-2009-3037
https://notcve.org/view.php?id=CVE-2009-3037
Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment. Desbordamiento de búfer en xlssr.dll en Autonomy KeyView XLS viewer(también conocido como File Viewer para Excel)usado en IBM Lotus Notes v5.x hasta v8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), y otros productos, permite a atacantes remotos ejecutar código a su elección a través de una manipulación de la hoja de cálculo .xls adjunta. • http://secunia.com/advisories/36472 http://secunia.com/advisories/36474 http://www-01.ibm.com/support/docview.wss?uid=swg21396492 http://www.securityfocus.com/bid/36042 http://www.securityfocus.com/bid/36124 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090825_00 http://www.vupen.com/english/advisories/2009/2389 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •