Symantec Alert Management System File Transfer Service Remote Code Execution (CVE-2009-1431)

Symantec System Center provides centralized systems and policy management for Norton Antivirus Enterprise Solution across multiple Windows NT and NetWare networks. The vulnerability is due to a design error in the Intel File Transfer service XFR.EXE, a service used to aid communication between th...

Code injection

XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 AMS2, as used in Symantec System Center SSS; Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus SAV Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10....