Lucene search

[email protected]CVE-2008-2287

HistoryMay 18, 2008 - 2:20 p.m.

CVE-2008-2287

2008-05-1814:20:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2008-2287

symantec altiris

deployment solution

local privilege escalation

vulnerability

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the install directory, which might allow local users to gain privileges by replacing an application component with a Trojan horse.

Affected configurations

NVD

Node

symantecaltiris_deployment_solutionMatch6.8

symantecaltiris_deployment_solutionMatch6.9

CPENameOperatorVersion
symantec:altiris_deployment_solutionsymantec altiris deployment solutioneq6.8
symantec:altiris_deployment_solutionsymantec altiris deployment solutioneq6.9

CPE	Name	Operator	Version
symantec:altiris_deployment_solution	symantec altiris deployment solution	eq	6.8
symantec:altiris_deployment_solution	symantec altiris deployment solution	eq	6.9

References

marc.info/?l=bugtraq&m=122167472229965&w=2

secunia.com/advisories/30261

www.securityfocus.com/bid/29197

www.securitytracker.com/id?1020024

www.symantec.com/avcenter/security/Content/2008.05.14a.html

www.vupen.com/english/advisories/2008/1542/references

exchange.xforce.ibmcloud.com/vulnerabilities/42442

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2008-2287

cvelist1 nvd1 prion1 nessus2