Lucene search
SAINT CorporationSAINT:10DF7285A7C07BC6637E4486B586B48EHistoryNov 06, 2009 - 12:00 a.m.
Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow
2009-11-0600:00:00
SAINT Corporation
www.saintcorporation.com
13
0.964 High
EPSS
Percentile
99.4%
Added: 11/06/2009
CVE: CVE-2009-3031
BID: 36698
OSVDB: 59597
Background
Symantec Altiris Deployment Solution provides tools to deploy software on desktops and servers.
Problem
A stack buffer overflow vulnerability in the AeXNSConsoleUtilities.dll ActiveX control allows remote attackers to execute arbitrary commands when processing overly long arguments passed to the BrowseAndSaveFile() method.
Resolution
Apply one of the solutions shown in SYM09-015.
References
<http://www.securityfocus.com/bid/36698>
Limitations
Exploit works on Symantec Altiris Deployment Solution 6.9 and requires the user to open the exploit page in Internet Explorer 6 or 7.
Platforms
Windows
Related
prion
prion
Stack overflow
2009-11-03 16:30:00
securityvulns
securityvulns
nessus
nessus
packetstorm
packetstorm
Symantec ConsoleUtilities ActiveX Control Metasploit Exploit
2009-11-03 00:00:00
symantec
symantec
saint
saint
Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow
2009-11-06 00:00:00
Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow
2009-11-06 00:00:00
Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow
2009-11-06 00:00:00
cve
cve
CVE-2009-3031
2009-11-03 16:30:00
seebug
seebug
Symantec Altiris产品ConsoleUtilities ActiveX控件栈溢出漏洞
2009-11-03 00:00:00
Symantec Altiris ConsoleUtilities ActiveX控件缓冲区溢出漏洞
2009-11-05 00:00:00
checkpoint_advisories
checkpoint_advisories