Buffer overflow in Autonomy Keyview

CVE-2009-3037

Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and othe…

Vulnerability class: Buffer Overflow

EPSS: 0.057 (92.0th percentile) — read the EPSS interpretation.

Affected products

Autonomy Keyview
Ibm Lotus_notes — versions 5.0, 5.0.1, 5.0.2
Symantec Brightmail_appliance — versions 5.0, 8.0.0, 8.0.1
Symantec Data_loss_prevention_detection_servers — versions 7.2, 8.1.1, 9.0.1
Symantec Data_loss_prevention_endpoint_agents — versions 8.1.1, 9.0.1
Symantec Mail_security — versions 5.0, 5.0.0, 5.0.1
Symantec Mail_security_appliance — versions 5.0, 5.0.0.24, 5.0.0.36
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (Patch, vdb-entry, x_refsource_VUPEN, Vendor Advisory)
cve@mitre.org (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
cve@mitre.org (vdb-entry, x_refsource_BID)