Lucene search
K
SymantecMail Security

19 matches found

CVE
CVE
added 2020/02/21 4:50 p.m.152 views

CVE-2012-6277

CVE-2012-6277 concerns multiple vulnerabilities in Autonomy KeyView IDOL libraries used by IBM Notes/Domino, Symantec messaging/security products, and others. The issue arises from underlying memory-corruption flaws in KeyView IDOL, triggered by processing crafted input files, potentially enablin...

9.3CVSS8.1AI score0.08119EPSS
CVE
CVE
added 2009/03/18 3:0 p.m.135 views

CVE-2008-4564

A stack-based buffer overflow in Autonomy KeyView SDK wp6sr.dll (WordPerfect document parser) allows remote code execution. The CVE-2008-4564 issue affects IBM Lotus Notes (and other products using KeyView), caused by unbounded copying of records into a fixed-size stack buffer when processing WPD...

9.3CVSS7.7AI score0.06757EPSS
CVE
CVE
added 2019/11/15 5:41 p.m.106 views

CVE-2019-12759

CVE-2019-12759 affects Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for Exchange (SMSMSE) prior to SEPM 14.2 RU2 and SMSMSE 7.5.x, introducing a privilege-escalation flaw. Technical details point to the LuComServer stDisScriptEngine class as the root cause, enabling loca...

7.8CVSS7.9AI score0.00483EPSS
CVE
CVE
added 2007/10/05 9:0 p.m.71 views

CVE-2007-3699

CVE-2007-3699 affects the Decomposer component in multiple Symantec products, enabling remote attackers to trigger a denial of service (infinite loop) by crafting the PACK_SIZE field in a RAR header. Connected Nessus entries reiterate this as part of “Symantec Mail Security Engine/Scanner” vulner...

9.3CVSS6.2AI score0.03914EPSS
CVE
CVE
added 2007/11/10 2:0 a.m.70 views

CVE-2007-5909

CVE-2007-5909 is a buffer overflow vulnerability in Autonomy/Verity KeyView components (l123sr.dll, kpagrdr.dll, awsr.dll, exesr.dll, mwsr.dll, mifsr.dll, lasr.dll, rtfsr.dll) used by Lotus Notes 5.x–8.x. A crafted MIF/RTF/DOC/SAM/AS? attachments to these DLLs could cause a stack-based overflow, ...

9.3CVSS7.2AI score0.20906EPSS
CVE
CVE
added 2008/04/10 6:0 p.m.69 views

CVE-2007-5405

CVE-2007-5405 is an Autonomy KeyView (kpagrdr.dll) buffer-overflow vulnerability affecting Applix Graphics (.ag) parsing. Secunia and related advisories document three overflow paths: (1) unsafe parsing of ENCODING in the *BEGIN tag, (2) boundary errors from overly long tokens, and (3) initial *B...

9.3CVSS7.3AI score0.05741EPSS
CVE
CVE
added 2010/03/05 7:0 p.m.69 views

CVE-2009-3032

CVE-2009-3032 describes a heap-based buffer overflow in Autonomy KeyView Filter SDK (kvolefio.dll v8.5.0.8339 and v10.5.0.0) triggered by processing crafted OLE documents, impacting products that embed KeyView (e.g., IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.x). The v...

10CVSS7.7AI score0.03737EPSS
CVE
CVE
added 2011/07/18 10:0 p.m.67 views

CVE-2011-0548

CVE-2011-0548 concerns a buffer overflow in the Lotus Freelance Graphics PRZ file viewer component of Autonomy KeyView, used in Symantec Mail Security (SMS) 6.x–8.x, Symantec Brightmail and Messaging Gateway pre-9.5.1, and Symantec DLP pre-10.5.3 and 11.x pre-11.1. The vulnerability allows a remo...

9.3CVSS8.1AI score0.05137EPSS
CVE
CVE
added 2007/10/05 9:0 p.m.66 views

CVE-2007-0447

The CVE-2007-0447 entry corresponds to a heap-based buffer overflow in the Decomposer used by Symantec products (notably Symantec Antivirus Scan Engine / Mail Security for Exchange/Domino) when processing crafted CAB archives, enabling remote code execution. Connected details corroborate: a heap ...

9.3CVSS7.7AI score0.05957EPSS
CVE
CVE
added 2009/09/01 4:0 p.m.66 views

CVE-2009-3037

CVE-2009-3037 is a buffer overflow in the Autonomy KeyView XLS viewer (xlssr.dll) used by IBM Lotus Notes and multiple Symantec products (Mail Security, BrightMail, DLP, etc.). The overflow occurs while parsing Excel .xls attachments, enabling remote code execution by enticing a user to open a ma...

9.3CVSS7.8AI score0.05718EPSS
CVE
CVE
added 2007/03/03 8:0 p.m.64 views

CVE-2007-1252

Symantec Mail Security for SMTP (SMS for SMTP) vulnerable to a buffer overflow when processing malformed email headers in version 5.0 before Patch 175. The issue can crash the affected service and may allow arbitrary code execution. Exploitation, if achieved, would grant an attacker full control ...

9.3CVSS8AI score0.06841EPSS
CVE
CVE
added 2007/11/10 2:0 a.m.64 views

CVE-2007-5910

CVE-2007-5910 is a stack-based buffer overflow in Autonomy/Verity KeyView Viewer, Filter, and Export SDK prior to 9.2.0.12, exploited via crafted WordPerfect (WPD) attachments. It impacts Lotus Notes (wp6sr.dll) and other products (ActivePDF DocConverter, etc.), enabling remote code execution. Mi...

9.3CVSS7.6AI score0.06619EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.61 views

CVE-2005-0249

Concretely affected: Symantec AntiVirus/Scan Engine DEC2EXE parsing engine (DEC2EXE.dll) used in the Symantec Antivirus Library. Issue: a heap-based buffer overflow caused by improper bounds checking when parsing UPX-compressed files, triggered by a crafted UPX file with a negative virtual offset...

7.5CVSS8AI score0.18832EPSS
CVE
CVE
added 2006/10/26 5:0 p.m.56 views

CVE-2006-5545

CVE-2006-5545 affects Symantec Mail Security for Domino (Premium Antispam) on Domino Server 5.1.x. The vulnerability: the Premium Antispam feature does not filter certain SMTP recipient address formats, enabling remote attackers to relay spam through the remote host. Public sources reference vuln...

5CVSS6.6AI score0.01975EPSS
CVE
CVE
added 2010/08/17 5:31 p.m.55 views

CVE-2010-0131

CVE-2010-0131 describes a stack-based buffer overflow in the Spreadsheet Lotus 123 reader (wkssr.dll), affecting Autonomy KeyView 10.4 and 10.9 (and related products). The vulnerability stems from a boundary/float conversion issue in certain record types, enabling remote attackers to execute arbi...

9.3CVSS8.4AI score0.04093EPSS
CVE
CVE
added 2007/06/27 5:0 p.m.53 views

CVE-2007-1792

The CVE-2007-1792 issue affects Symantec Mail Security for SMTP and its SMS Filter Hub (filter-hub.exe) where libdayzero.dll fails to safely parse executable packers. Remote attackers can send an email with a crafted executable attachment that triggers boundary errors when detecting PE-Shield v0....

7.8CVSS6.4AI score0.04722EPSS
CVE
CVE
added 2008/04/10 6:0 p.m.53 views

CVE-2007-6020

CVE-2007-6020 describes multiple stack-based buffer overflows in the Folio Flat File speed reader (foliosr.dll) of Autonomy KeyView 10.3.0.0, used by IBM Lotus Notes and Symantec Mail Security (SMSSMTP/Exchange/Domino) and activePDF DocConverter. Secunia and NVD detail that boundary errors occur ...

9.3CVSS7.4AI score0.05741EPSS
CVE
CVE
added 2005/04/28 4:0 a.m.49 views

CVE-2005-1346

CVE-2005-1346 affects multiple Symantec AntiVirus products running on Windows (e.g., Norton AntiVirus 2005 11.0.0; Web Security 3.0.1.72; Mail Security for SMTP 4.0.5.66; AntiVirus Scan Engine 4.3.7.27; SAV/Filter for Domino NT 3.1.1.87; Mail Security for Exchange 4.5.4.743). The vulnerability al...

2.6CVSS7AI score0.01491EPSS
CVE
CVE
added 2008/04/10 6:0 p.m.48 views

CVE-2007-5406

CVE-2007-5406 affects Autonomy KeyView (kpagrdr.dll) components used in Applix graphics parsing, including versions 2.0.0.2 and 10.3.0.0. Secunia notes that parsing the ENCODING attribute and long tokens in Applix documents can trigger buffer overflows, enabling remote attackers to cause a denial...

9.3CVSS6.1AI score0.03003EPSS