CVE-2008-6827

The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to (1) overwrite the CommandLine parameter to cmd.exe to use SYSTEM privileges and (2) modify the DLL that is loaded using the LoadLibrary API function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
symantecaltiris_deployment_solution
6.0 ≤
𝑥
< 6.9.355
symantecaltiris_deployment_solution
6.9.355
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://marc.info/?l=bugtraq&m=122460544316205&w=2
http://osvdb.org/49426
http://secunia.com/advisories/31773
http://www.insomniasec.com/advisories/ISVA-081020.1.htm
http://www.securityfocus.com/bid/31766
http://www.securitytracker.com/id?1021071
http://www.symantec.com/avcenter/security/Content/2008.10.20a.html
http://www.vupen.com/english/advisories/2008/2876
https://exchange.xforce.ibmcloud.com/vulnerabilities/46006
http://marc.info/?l=bugtraq&m=122460544316205&w=2
http://osvdb.org/49426
http://secunia.com/advisories/31773
http://www.insomniasec.com/advisories/ISVA-081020.1.htm
http://www.securityfocus.com/bid/31766
http://www.securitytracker.com/id?1021071
http://www.symantec.com/avcenter/security/Content/2008.10.20a.html
http://www.vupen.com/english/advisories/2008/2876
https://exchange.xforce.ibmcloud.com/vulnerabilities/46006