CVE-2009-3031
Published Nov 3, 2009
Last updated 6 years ago
Overview
- Description
- Stack-based buffer overflow in the BrowseAndSaveFile method in the Altiris eXpress NS ConsoleUtilities ActiveX control 6.0.0.1846 in AeXNSConsoleUtilities.dll in Symantec Altiris Notification Server (NS) 6.0 before R12, Deployment Server 6.8 and 6.9 in Symantec Altiris Deployment Solution 6.9 SP3, and Symantec Management Platform (SMP) 7.0 before SP3 allows remote attackers to execute arbitrary code via a long string in the second argument.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F0002047-0965-4086-A5E6-AEC02200B6CF"
},
{
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EBD29C7F-B147-4CDE-8AC3-FCA6CA15C464"
},
{
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4DC0FB60-BF58-455B-B5D1-97EDF2D6D0E5"
},
{
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3ACB4D1D-08D2-424B-B4F6-13FCDF034833"
},
{
"criteria": "cpe:2.3:a:symantec:altiris_management_platform:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72B538F1-CB05-495B-A3F3-24395A1F3B9A"
},
{
"criteria": "cpe:2.3:a:symantec:altiris_management_platform:7.0:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "755E4F35-FEAB-488D-825B-C23AF31F03A0"
},
{
"criteria": "cpe:2.3:a:symantec:altiris_notification_server:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68AF67FB-5FC8-4EAA-AF09-35D4740B967F"
},
{
"criteria": "cpe:2.3:a:symantec:altiris_notification_server:6.0:*:sp1:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "214688D3-0653-4FDD-89C3-25E62BA050F6"
},
{
"criteria": "cpe:2.3:a:symantec:altiris_notification_server:6.0:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C13D2DE-7EA0-4963-BA60-5D01E037D954"
},
{
"criteria": "cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D085BB2-1012-4386-AEE9-31870673BF55"
},
{
"criteria": "cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5E187D85-9F75-4749-9682-29F66D919E12"
},
{
"criteria": "cpe:2.3:a:symantec:altiris_notification_server:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C048C7FD-700F-4388-A1ED-16A6ECB31B66"
},
{
"criteria": "cpe:2.3:a:symantec:altiris_notification_server:7.0:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB49276E-A0B9-4E74-9A45-928BC6A99E3B"
}
],
"operator": "OR"
}
]
}
]