Lucene search

[email protected]CVE-2008-2288

HistoryMay 18, 2008 - 2:20 p.m.

CVE-2008-2288

2008-05-1814:20:00

CWE-264

[email protected]

web.nvd.nist.gov

symantec

altiris

deployment solution

access control

denial of service

sensitive information

security vulnerability

cve-2008-2288

6.6 Medium

AI Score

Confidence

High

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information.

CPENameOperatorVersion
symantec:altiris_deployment_solutionsymantec altiris deployment solutioneq6.9
symantec:altiris_deployment_solutionsymantec altiris deployment solutioneq6.8

CPE	Name	Operator	Version
symantec:altiris_deployment_solution	symantec altiris deployment solution	eq	6.9
symantec:altiris_deployment_solution	symantec altiris deployment solution	eq	6.8

References

marc.info/?l=bugtraq&m=122167472229965&w=2

secunia.com/advisories/30261

www.securityfocus.com/bid/29196

www.securitytracker.com/id?1020024

www.symantec.com/avcenter/security/Content/2008.05.14a.html

www.vupen.com/english/advisories/2008/1542/references

exchange.xforce.ibmcloud.com/vulnerabilities/42441

6.6 Medium

AI Score

Confidence

High

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2008-2288

prion1 cvelist1 nessus2