1. Home
  2. CVE Database
  3. CVE-2009-3032
HIGH · 10.0

CVE-2009-3032

Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and ot...

Vulnerability Description

Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
IbmLotus Notes8.5
SymantecBrightmail Gateway8.0
SymantecData Loss Prevention Detection Servers8.1.1
SymantecData Loss Prevention Endpoint Agents8.1.1
SymantecIm Manager 2007All versions
SymantecMail Security5.0.0

Related Weaknesses (CWE)

CWE-189

References

FAQ

What is CVE-2009-3032?

CVE-2009-3032 is a vulnerability with a CVSS score of 10.0 (HIGH). Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and ot...

How severe is CVE-2009-3032?

CVE-2009-3032 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-3032?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Lotus Notes, Symantec Brightmail Gateway, Symantec Data Loss Prevention Detection Servers, Symantec Data Loss Prevention Endpoint Agents, Symantec Im Manager 2007.