Unrated severityNVD Advisory· Published Sep 1, 2009· Updated Jun 16, 2026
CVE-2009-3037
CVE-2009-3037
Description
Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.
Affected products
72- cpe:2.3:a:autonomy:keyview:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*+ 38 more
- cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:5.02:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:5.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp2:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp3:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:6.5.6:*:fp2:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:7.0.2:*:fp1:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*
- (no CPE)range: >=5.0, <=8.5.x
cpe:2.3:a:symantec:brightmail_appliance:5.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:symantec:brightmail_appliance:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:brightmail_appliance:8.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:brightmail_appliance:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.2:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:linux:*:*:*:*:*
- cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:windows:*:*:*:*:*
- cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:linux:*:*:*:*:*
- cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:windows:*:*:*:*:*
cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:9.0.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*+ 20 more
- cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:5.0.10:*:microsoft_exchange:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:5.0.1.200:*:smtp:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:5.0.12:*:microsoft_exchange:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:5.0:*:smtp:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:6.0.6:*:microsoft_exchange:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:6.0.7:*:microsoft_exchange:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:6.0.8:*:microsoft_exchange:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:7.5.4.29:*:domino:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:7.5.6:*:domino:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security:8.0:*:domino:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security_appliance:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security_appliance:5.0.0.24:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:mail_security_appliance:5.0.0.36:*:*:*:*:*:*:*
- Range: <= 2009-09
Patches
Vulnerability mechanics
References
7- www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
- www.vupen.com/english/advisories/2009/2389nvdPatchVendor Advisory
- secunia.com/advisories/36472nvdVendor Advisory
- secunia.com/advisories/36474nvdVendor Advisory
- www.securityfocus.com/bid/36042nvd
- www.securityfocus.com/bid/36124nvd
- www.symantec.com/security_response/securityupdates/detail.jspnvd
News mentions
0No linked articles in our index yet.