Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:F206549791FC97B4BEBF99C4F57684F9
HistoryNov 06, 2009 - 12:00 a.m.

Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow

2009-11-0600:00:00
SAINT Corporation
download.saintcorporation.com
13

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.953 High

EPSS

Percentile

99.3%

JSON

Added: 11/06/2009
CVE: CVE-2009-3031
BID: 36698
OSVDB: 59597

Background

Symantec Altiris Deployment Solution provides tools to deploy software on desktops and servers.

Problem

A stack buffer overflow vulnerability in the AeXNSConsoleUtilities.dll ActiveX control allows remote attackers to execute arbitrary commands when processing overly long arguments passed to the BrowseAndSaveFile() method.

Resolution

Apply one of the solutions shown in SYM09-015.

References

<http://www.securityfocus.com/bid/36698&gt;

Limitations

Exploit works on Symantec Altiris Deployment Solution 6.9 and requires the user to open the exploit page in Internet Explorer 6 or 7.

Platforms

Windows

Related

prion 1
securityvulns 2
nessus 1
packetstorm 1
symantec 1
saint 3
seebug 2
cve 1
checkpoint_advisories 1
prion
prion
Stack overflow
2009-11-03 16:30:00
securityvulns
securityvulns
NSOADV-2009-001: Symantec ConsoleUtilities ActiveX Control Buffer Overflow
2009-11-05 00:00:00
Symantec Altiris Notification Server / Symantec Management Platform / Symantec Altiris Deployment Solution ActiveX buffer overflow
2009-11-05 00:00:00
nessus
nessus
Altiris ConsoleUtilities 'BrowseAndSaveFile()' ActiveX Control Buffer Overflow
2009-11-04 00:00:00
packetstorm
packetstorm
Symantec ConsoleUtilities ActiveX Control Metasploit Exploit
2009-11-03 00:00:00
symantec
symantec
Symantec Altiris Deployment Solution and Notification Server Management Web Console Browse and Save
2009-11-02 08:00:00
saint
saint
Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow
2009-11-06 00:00:00
Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow
2009-11-06 00:00:00
Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow
2009-11-06 00:00:00
seebug
seebug
Symantec Altiris产品ConsoleUtilities ActiveX控件栈溢出漏洞
2009-11-03 00:00:00
Symantec Altiris ConsoleUtilities ActiveX控件缓冲区溢出漏洞
2009-11-05 00:00:00
cve
cve
CVE-2009-3031
2009-11-03 16:30:00
checkpoint_advisories
checkpoint_advisories
Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow (CVE-2009-3031; CVE-2009-3033)
2009-12-16 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.953 High

EPSS

Percentile

99.3%

JSON
Related for SAINT:F206549791FC97B4BEBF99C4F57684F9
prion1securityvulns2nessus1packetstorm1symantec1saint3seebug2cve1checkpoint_advisories1