Altiris Deployment Solution Security Vulnerabilities and Issues — Altiris Deployment Solution CVE List

Lucene search

SymantecAltiris Deployment Solution

6 matches found

CVE•added 2008/05/18 2:20 p.m.•41 views

CVE-2008-2286

SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet.

7.5CVSS8.2AI score0.39749EPSS

CVE•added 2008/05/18 2:20 p.m.•36 views

CVE-2008-2291

axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials.

7.5CVSS6.6AI score0.02166EPSS

CVE•added 2008/05/18 2:20 p.m.•34 views

CVE-2008-2289

Unspecified vulnerability in a tooltip element in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.

7.2CVSS6.4AI score0.00067EPSS

CVE•added 2008/05/18 2:20 p.m.•31 views

CVE-2008-2287

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the install directory, which might allow local users to gain privileges by replacing an application component with a Trojan horse.

7.2CVSS6.5AI score0.00067EPSS

CVE•added 2008/05/18 2:20 p.m.•30 views

CVE-2008-2290

Unspecified vulnerability in the Agent user interface in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.

7.2CVSS6.5AI score0.00067EPSS

CVE•added 2008/05/18 2:20 p.m.•29 views

CVE-2008-2288

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information.

3.6CVSS6.5AI score0.00089EPSS