Symantec Products OLE File Parsing Integer Overflow Vulnerability
Last Update Date:
28 Jan 2011
Release Date:
8 Mar 2010
4584
Views
RISK: Medium Risk
A vulnerability has been identified in various Symantec products, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by an integer overflow error in the Autonomy KeyView component, which could be exploited by attackers to execute arbitrary code via a malicious OLE document.
Impact
- Remote Code Execution
System / Technologies affected
- Symantec Mail Security for Domino versions 8.0.x
- Symantec Mail Security for Domino versions 7.5.x
- Symantec Mail Security for Microsoft Exchange versions 6.0.x
- Symantec Mail Security for Microsoft Exchange versions 5.0.x
- Symantec BrightMail Gateway versions 8.0.x
- Symantec Mail Security for SMTP (EOL) versions 5.0.x
- Symantec Data Loss Prevention Enforce/Detection Servers version 7.2
- Symantec Data Loss Prevention Enforce/Detection Servers for Windows version 8.1.1
- Symantec Data Loss Prevention Enforce/Detection Servers for Windows versions 9.x
- Symantec Data Loss Prevention Enforce/Detection Servers for Windows versions 10.0
- Symantec Data Loss Prevention Enforce/Detection Servers for Linux version 8.1.1
- Symantec Data Loss Prevention Enforce/Detection Servers for Linux versions 9.x
- Symantec Data Loss Prevention Enforce/Detection Servers for Linux versions 10.0
- Symantec Data Loss Prevention Endpoint Agents version 8.1.1
- Symantec Data Loss Prevention Endpoint Agents versions 9.x
- Symantec Data Loss Prevention Endpoint Agents version 10.0
- Symantec IM Manager 2007 versions 8.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Vulnerability Identifier
Source
Share with