Описание
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*
cpe:2.3:a:symantec:brightmail_gateway:8.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:linux:*:*:*:*:*
cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:windows:*:*:*:*:*
cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:linux:*:*:*:*:*
cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:windows:*:*:*:*:*
cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:linux:*:*:*:*:*
cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:windows:*:*:*:*:*
cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:9.0.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:10.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:im_manager_2007:*:*:*:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.0.12:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.0.13:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:6.0.6:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:6.0.7:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:6.0.8:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:7.5.4.29:*:domino:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:7.5.6:*:domino:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:7.5.7:*:domino:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:7.5.8:*:domino:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:8.0:*:domino:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:8.0.1:*:domino:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:8.0.2:*:domino:*:*:*:*:*
EPSS
Процентиль: 83%
0.019
Низкий
10 Critical
CVSS2
Дефекты
CWE-189
Связанные уязвимости
github
почти 4 года назад
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.
EPSS
Процентиль: 83%
0.019
Низкий
10 Critical
CVSS2
Дефекты
CWE-189