CVE-2009-3037

EPSS 18.49% · P95 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-3037

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Autonomy KeyView软件包XSL文件远程缓冲区溢出漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

KeyView是用于导出、转换和查看各种格式文件的软件包。 KeyView软件包没有正确地解析Excel文件中的共享字符串表(SST)记录。这个记录用于容纳文档中所使用字符串的表格，其中的一个字段是表示表格中字符串数量的32位整数，在计算中使用这个值控制为动态堆缓冲区所分配的字节数。由于不充分的过滤，在计算中可能导致整数溢出，最终导致堆溢出。攻击者可以诱骗用户通过使用KeyView软件包的应用程序来处理特制的Excel文档来触发这个漏洞，导致以应用程序的权限执行任意代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2009-3037

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2009-3037

请登录查看更多情报信息。

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090825_00x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg21396492x_refsource_CONFIRM
http://www.securityfocus.com/bid/36042vdb-entryx_refsource_BID
http://secunia.com/advisories/36474third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/36124vdb-entryx_refsource_BID
http://secunia.com/advisories/36472third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/2389vdb-entryx_refsource_VUPEN
https://nvd.nist.gov/vuln/detail/CVE-2009-3037

Same Patch Batch · n/a · 2009-09-01 · 26 CVEs total

CVE-2008-7141		Alexphpteam lex Poll 'setup.php'跨站脚本攻击漏洞
CVE-2009-3038		RIM BlackBerry Desktop Manager 拒绝服务漏洞
CVE-2008-7152		Simon_Rycroft SID 'dir'参数远程文件包含漏洞
CVE-2008-7151		Gurpartap_Singh Drupal Live模块跨站请求伪造漏洞
CVE-2008-7150		Ber_Kessels Drupal Refine by Taxonomy模块跨站脚本攻击漏洞
CVE-2008-7149		AgileWiki 未明漏洞
CVE-2008-7148		synfig Animation studio 未明漏洞
CVE-2008-7147		IntraLearn 跨站脚本攻击漏洞
CVE-2008-7146		IntraLearn 敏感信息泄露漏洞
CVE-2008-7145		CoronaMatrix phpAddressBook 'index.php' SQL注入漏洞
CVE-2008-7144		rarlab winrar 多个未明漏洞
CVE-2008-7143		phpbb 信息泄露漏洞
CVE-2008-7142		cPanel 磁盘使用模块绝对路径游历漏洞
CVE-2009-3040		OCS Inventory NG download.php和group_show.php SQL注入漏洞
CVE-2008-7140		Alexguestbook lex Guestbook多个跨站脚本攻击漏洞
CVE-2008-7139		Eye-Fi 'WS-Proxy'多个跨站请求伪造漏洞
CVE-2008-7138		Eye-Fi管理器密码泄露漏洞
CVE-2008-7137		Eye-Fi 'WS-Proxy'拒绝服务漏洞
CVE-2008-7136		icq_toolbar 'toolbaru.dll' 多个远程拒绝服务漏洞
CVE-2008-7135		icq_toolbar 'toolbaru.dll' 拒绝服务漏洞

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2009-3037

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2009-3037

I. Basic Information for CVE-2009-3037

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2009-3037

III. Intelligence Information for CVE-2009-3037

Same Patch Batch · n/a · 2009-09-01 · 26 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2009-3037

Leave a comment