CVE-2009-3033

2009-11-2516:30:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.962

Percentile

99.6%

JSON

Buffer overflow in the RunCmd method in the Altiris eXpress NS Console Utilities ActiveX control in AeXNSConsoleUtilities.dll in the web console in Symantec Altiris Deployment Solution 6.9.x, Altiris Notification Server 6.0.x, and Management Platform 7.0.x allows remote attackers to execute arbitrary code via a long string in the second argument.

Affected configurations

Nvd

Node

symantecaltiris_deployment_solutionMatch6.9

symantecaltiris_deployment_solutionMatch6.9sp1

symantecaltiris_deployment_solutionMatch6.9sp2

symantecaltiris_deployment_solutionMatch6.9sp3

symantecaltiris_deployment_solutionMatch6.9.164

symantecaltiris_deployment_solutionMatch6.9.176

symantecaltiris_deployment_solutionMatch6.9.355

symantecaltiris_deployment_solutionMatch6.9.355sp1

symantecaltiris_management_platformMatch7.0

symantecaltiris_management_platformMatch7.0sp1

symantecaltiris_notification_serverMatch6.0

symantecaltiris_notification_serverMatch6.0sp1

symantecaltiris_notification_serverMatch6.0sp2

symantecaltiris_notification_serverMatch6.0sp3

symantecaltiris_notification_serverMatch6.0sp3_r7

symantecaltiris_notification_serverMatch6.0_sp3

VendorProductVersionCPE
symantecaltiris_deployment_solution6.9cpe:2.3:a:symantec:altiris_deployment_solution:6.9:*:*:*:*:*:*:*
symantecaltiris_deployment_solution6.9cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp1:*:*:*:*:*:*
symantecaltiris_deployment_solution6.9cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp2:*:*:*:*:*:*
symantecaltiris_deployment_solution6.9cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp3:*:*:*:*:*:*
symantecaltiris_deployment_solution6.9.164cpe:2.3:a:symantec:altiris_deployment_solution:6.9.164:*:*:*:*:*:*:*
symantecaltiris_deployment_solution6.9.176cpe:2.3:a:symantec:altiris_deployment_solution:6.9.176:*:*:*:*:*:*:*
symantecaltiris_deployment_solution6.9.355cpe:2.3:a:symantec:altiris_deployment_solution:6.9.355:*:*:*:*:*:*:*
symantecaltiris_deployment_solution6.9.355cpe:2.3:a:symantec:altiris_deployment_solution:6.9.355:sp1:*:*:*:*:*:*
symantecaltiris_management_platform7.0cpe:2.3:a:symantec:altiris_management_platform:7.0:*:*:*:*:*:*:*
symantecaltiris_management_platform7.0cpe:2.3:a:symantec:altiris_management_platform:7.0:sp1:*:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	altiris_deployment_solution	6.9	cpe:2.3:a:symantec:altiris_deployment_solution:6.9:::::::*
symantec	altiris_deployment_solution	6.9	cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp1::::::
symantec	altiris_deployment_solution	6.9	cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp2::::::
symantec	altiris_deployment_solution	6.9	cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp3::::::
symantec	altiris_deployment_solution	6.9.164	cpe:2.3:a:symantec:altiris_deployment_solution:6.9.164:::::::*
symantec	altiris_deployment_solution	6.9.176	cpe:2.3:a:symantec:altiris_deployment_solution:6.9.176:::::::*
symantec	altiris_deployment_solution	6.9.355	cpe:2.3:a:symantec:altiris_deployment_solution:6.9.355:::::::*
symantec	altiris_deployment_solution	6.9.355	cpe:2.3:a:symantec:altiris_deployment_solution:6.9.355:sp1::::::
symantec	altiris_management_platform	7.0	cpe:2.3:a:symantec:altiris_management_platform:7.0:::::::*
symantec	altiris_management_platform	7.0	cpe:2.3:a:symantec:altiris_management_platform:7.0:sp1::::::