CVE-2009-3037 Information

Description

Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel) as used in IBM Lotus Notes 5.x through 8.5.x Symantec Mail Security Symantec BrightMail Appliance Symantec Data Loss Prevention (DLP) and other products allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.

Reference

http://secunia.com/advisories/36472 http://secunia.com/advisories/36474 http://www.securityfocus.com/bid/36042 http://www.securityfocus.com/bid/36124 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090825_00 http://www.vupen.com/english/advisories/2009/2389 http://www-01.ibm.com/support/docview.wss?uid=swg21396492