2010-03-05 20:30:00 2013-02-07 05:21:28

Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE
Symantec Mail security 7.5.3.25 Domino (not an official CPE) Symantec Mail security 8.0.1 Domino (not an official CPE) Symantec Data loss prevention endpoint agents 10.0 (not an official CPE) Symantec Mail security 8.0.2 Domino (not an official CPE) Symantec Mail security 5.0.1.181 Smtp (not an official CPE) Symantec Data loss prevention detection servers 10.0 Linux (not an official CPE) Symantec Mail security 5.0.1.182 Smtp (not an official CPE) Symantec Data loss prevention detection servers 8.1.1 Linux (not an official CPE) Symantec Data loss prevention detection servers 8.1.1 Windows (not an official CPE) Symantec Mail security 5.0.1.189 Smtp (not an official CPE) Symantec Brightmail gateway 8.0 (not an official CPE) Symantec Mail security 7.5.8 Domino (not an official CPE) Symantec Mail security 7.5.6 Domino (not an official CPE) Symantec Mail security 7.5.7 Domino (not an official CPE) Symantec Data loss prevention detection servers 10.0 Windows (not an official CPE) Symantec Mail security 5.0.12 Microsoft exchange (not an official CPE) Symantec Mail security 5.0.13 Microsoft exchange (not an official CPE) Symantec Data loss prevention endpoint agents 8.1.1 (not an official CPE) Symantec Im manager 2007 (not an official CPE) Symantec Mail security 7.5.5.32 Domino (not an official CPE) Symantec Mail security 8.0 Domino (not an official CPE) Symantec Mail security 5.0.11 Microsoft exchange (not an official CPE) Symantec Data loss prevention detection servers 9.0.1 Linux (not an official CPE) GNU Gnash 0.8.7 Symantec Data loss prevention detection servers 9.0.1 Windows (not an official CPE) Symantec Mail security 7.5.4.29 Domino (not an official CPE) Symantec Mail security 6.0.6 Microsoft exchange (not an official CPE) Symantec Mail security 6.0.7 Microsoft exchange (not an official CPE) Symantec Mail security 6.0.8 Microsoft exchange (not an official CPE) Symantec Mail security 5.0.0 Smtp (not an official CPE) Symantec Data loss prevention endpoint agents 9.0.1 (not an official CPE)