CVE-2009-3033

EUVD-2009-3017
Buffer overflow in the RunCmd method in the Altiris eXpress NS Console Utilities ActiveX control in AeXNSConsoleUtilities.dll in the web console in Symantec Altiris Deployment Solution 6.9.x, Altiris Notification Server 6.0.x, and Management Platform 7.0.x allows remote attackers to execute arbitrary code via a long string in the second argument.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
Affected Products (NVD)
VendorProductVersion
symantecaltiris_deployment_solution
6.9
symantecaltiris_deployment_solution
6.9:sp1
symantecaltiris_deployment_solution
6.9:sp2
symantecaltiris_deployment_solution
6.9:sp3
symantecaltiris_deployment_solution
6.9.164
symantecaltiris_deployment_solution
6.9.176
symantecaltiris_deployment_solution
6.9.355
symantecaltiris_deployment_solution
6.9.355:sp1
symantecaltiris_management_platform
7.0
symantecaltiris_management_platform
7.0:sp1
symantecaltiris_notification_server
6.0
symantecaltiris_notification_server
6.0:sp1
symantecaltiris_notification_server
6.0:sp2
symantecaltiris_notification_server
6.0:sp3
symantecaltiris_notification_server
6.0:sp3_r7
symantecaltiris_notification_server
6.0_sp3:_sp3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/60496
http://www.securityfocus.com/bid/37092
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091124_00
http://www.vupen.com/english/advisories/2009/3328
https://exchange.xforce.ibmcloud.com/vulnerabilities/54415
https://kb.altiris.com/article.asp?article=50072&p=1
https://kb.altiris.com/article.asp?article=50279&p=1
http://osvdb.org/60496
http://www.securityfocus.com/bid/37092
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091124_00
http://www.vupen.com/english/advisories/2009/3328
https://exchange.xforce.ibmcloud.com/vulnerabilities/54415
https://kb.altiris.com/article.asp?article=50072&p=1
https://kb.altiris.com/article.asp?article=50279&p=1