CVE-2009-3028

The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x exposes an unsafe method, which allows remote attackers to force the download of arbitrary files and possibly execute arbitrary code via the DownloadAndInstall method.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp2:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_deployment_solution:6.9:*:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp1:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp3:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp4:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r6:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r10:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp1:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp1_hf12:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r4:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r5:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r3:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r2:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r13:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r11:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r7:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r1:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp2:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r9:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r8:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r12:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:symantec:management_platform:7.0:sp4:*:*:*:*:*:*
cpe:2.3:a:symantec:management_platform:7.0:sp5:*:*:*:*:*:*
cpe:2.3:a:symantec:management_platform:7.0:sp1:*:*:*:*:*:*
cpe:2.3:a:symantec:management_platform:7.0:sp2:*:*:*:*:*:*
cpe:2.3:a:symantec:management_platform:7.0:sp3:*:*:*:*:*:*
cpe:2.3:a:symantec:management_platform:7.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:management_platform:7.0:rc5:*:*:*:*:*:*

Information

Published : 2011-03-07 13:00

Updated : 2013-02-06 20:21


NVD link : CVE-2009-3028

Mitre link : CVE-2009-3028


JSON object : View

Advertisement

dedicated server usa

Products Affected

symantec

  • altiris_notification_server
  • management_platform
  • altiris_deployment_solution