Altiris Deployment Solution Security Vulnerabilities and Issues — Altiris Deployment Solution CVE List

Lucene search

SymantecAltiris Deployment Solution

12 matches found

CVE•added 2009/09/11 8:30 p.m.•45 views

CVE-2009-3178

Unspecified vulnerability in mm.exe in Symantec Altiris Deployment Solution 6.9 allows remote attackers to cause a denial of service via unknown attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.18, "Symantec Altiris Deployment Solution 6.9 DoS." NOTE: as of 20090...

7.8CVSS6.9AI score0.00862EPSS

CVE•added 2009/09/08 11:30 p.m.•44 views

CVE-2009-3108

The Aclient GUI in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 installs a client executable with insecure permissions (Everyone:Full Control), which allows local users to gain privileges by replacing the executable with a Trojan horse program.

7.2CVSS6.7AI score0.00042EPSS

CVE•added 2007/08/16 6:17 p.m.•42 views

CVE-2007-4380

Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 (6.8.378) allows local users to gain local System privileges via the Log File Viewer.

7.2CVSS6.4AI score0.00058EPSS

CVE•added 2007/11/06 7:46 p.m.•41 views

CVE-2007-5838

Aclient in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows local users to gain local System privileges via the "Enable key-based authentication to Deployment server" browser option, a different issue than CVE-2007-4380.

7.2CVSS6.5AI score0.00071EPSS

CVE•added 2008/05/18 2:20 p.m.•41 views

CVE-2008-2286

SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet.

7.5CVSS8.2AI score0.39749EPSS

CVE•added 2009/06/08 7:30 p.m.•37 views

CVE-2008-6828

Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server.

7.8CVSS7.7AI score0.00043EPSS

CVE•added 2008/05/18 2:20 p.m.•36 views

CVE-2008-2291

axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials.

7.5CVSS6.6AI score0.02166EPSS

CVE•added 2009/06/08 7:30 p.m.•36 views

CVE-2008-6827

The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to (1) overwrite the CommandLine par...

7.8CVSS7.9AI score0.01558EPSS

CVE•added 2008/05/18 2:20 p.m.•34 views

CVE-2008-2289

Unspecified vulnerability in a tooltip element in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.

7.2CVSS6.4AI score0.00067EPSS

CVE•added 2008/03/24 10:44 p.m.•32 views

CVE-2008-1473

The Altiris Client Service (AClient.exe) in Symantec Altiris Deployment Solution 6.8.x before 6.9.164 allows local users to gain privileges via a "Shatter" style attack.

7.2CVSS6.5AI score0.00077EPSS

CVE•added 2008/05/18 2:20 p.m.•31 views

CVE-2008-2287

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the install directory, which might allow local users to gain privileges by replacing an application component with a Trojan horse.

7.2CVSS6.5AI score0.00067EPSS

CVE•added 2008/05/18 2:20 p.m.•30 views

CVE-2008-2290

Unspecified vulnerability in the Agent user interface in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.

7.2CVSS6.5AI score0.00067EPSS