CVE-2009-3028 (GCVE-0-2009-3028)

Vulnerability from cvelistv5 – Published: 2011-03-07 20:00 – Updated: 2024-08-07 06:14
VLAI?
Summary
The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x exposes an unsafe method, which allows remote attackers to force the download of arbitrary files and possibly execute arbitrary code via the DownloadAndInstall method.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securityfocus.com/bid/36346 vdb-entryx_refsource_BID
http://www.osvdb.org/57893 vdb-entryx_refsource_OSVDB
http://www.symantec.com/security_response/securit… x_refsource_CONFIRM
http://www.symantec.com/business/support/index?pa… x_refsource_CONFIRM
http://secunia.com/advisories/36679 third-party-advisoryx_refsource_SECUNIA
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:14:55.381Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "36346",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36346"
          },
          {
            "name": "57893",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/57893"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090922_00"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/business/support/index?page=content\u0026id=TECH44885"
          },
          {
            "name": "36679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36679"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x exposes an unsafe method, which allows remote attackers to force the download of arbitrary files and possibly execute arbitrary code via the DownloadAndInstall method."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-02-07T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "36346",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36346"
        },
        {
          "name": "57893",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/57893"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090922_00"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/business/support/index?page=content\u0026id=TECH44885"
        },
        {
          "name": "36679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36679"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-3028",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x exposes an unsafe method, which allows remote attackers to force the download of arbitrary files and possibly execute arbitrary code via the DownloadAndInstall method."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "36346",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36346"
            },
            {
              "name": "57893",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/57893"
            },
            {
              "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090922_00",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090922_00"
            },
            {
              "name": "http://www.symantec.com/business/support/index?page=content\u0026id=TECH44885",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/business/support/index?page=content\u0026id=TECH44885"
            },
            {
              "name": "36679",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36679"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-3028",
    "datePublished": "2011-03-07T20:00:00",
    "dateReserved": "2009-08-31T00:00:00",
    "dateUpdated": "2024-08-07T06:14:55.381Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_deployment_solution:6.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0002047-0965-4086-A5E6-AEC02200B6CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"EBD29C7F-B147-4CDE-8AC3-FCA6CA15C464\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DC0FB60-BF58-455B-B5D1-97EDF2D6D0E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"3ACB4D1D-08D2-424B-B4F6-13FCDF034833\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE56560F-6F51-479E-B69F-3F750C8A2F31\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68AF67FB-5FC8-4EAA-AF09-35D4740B967F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B096EB3-F1E7-4933-972A-0E142CA854A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp1_hf12:*:*:*:*:*:*\", \"matchCriteriaId\": \"9FBCFF03-8C4F-4452-B841-36FEEB95E6F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C13D2DE-7EA0-4963-BA60-5D01E037D954\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D085BB2-1012-4386-AEE9-31870673BF55\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADDD1F0C-3B7B-4D32-933A-A7D3E65B6049\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r10:*:*:*:*:*:*\", \"matchCriteriaId\": \"268EEE3E-B7D2-4739-80CB-64284A86CDA9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r11:*:*:*:*:*:*\", \"matchCriteriaId\": \"00A3F84C-1C78-4AD9-9EFD-C3E8F0935224\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r12:*:*:*:*:*:*\", \"matchCriteriaId\": \"32BA7815-2572-496E-AC6E-4323813EEF96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r13:*:*:*:*:*:*\", \"matchCriteriaId\": \"7305D8F0-3928-434D-ADAE-788096731CDB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E4DF22A-2516-41F2-B89C-F2424A6C56A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"419553B5-49BC-4789-BD32-959CF479062E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r4:*:*:*:*:*:*\", \"matchCriteriaId\": \"9CB72176-8471-443B-BF06-829A51CCF71E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r5:*:*:*:*:*:*\", \"matchCriteriaId\": \"4217C68A-2B6A-4C62-88F1-3D22C1BAE7F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r6:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1D0DA71-27E9-4AD8-8D73-2F311646E989\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r7:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E187D85-9F75-4749-9682-29F66D919E12\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r8:*:*:*:*:*:*\", \"matchCriteriaId\": \"548B4DF2-D7EC-4BE7-BA52-2BDEF5577F49\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r9:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC6B03D5-0E10-43CE-9B9A-4E232FF4FAEF\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:management_platform:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B04B5F5-B488-4F85-9CEB-739E8B99FC54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:management_platform:7.0:rc5:*:*:*:*:*:*\", \"matchCriteriaId\": \"F153884E-6C9B-4E33-9D01-804AD1FE99A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:management_platform:7.0:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"03C0AEC5-CB51-455B-A76B-F3F7D60F884A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:management_platform:7.0:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"D740F499-2924-4807-AACE-A60391F9EF52\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:management_platform:7.0:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A6EB8C4-3D2B-4A78-A670-418B36F0F0EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:management_platform:7.0:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"25FDAAB9-F0E2-448A-B5E8-2E12EE3E2BBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:management_platform:7.0:sp5:*:*:*:*:*:*\", \"matchCriteriaId\": \"F26C12D4-2DC0-4BE2-A4ED-B58EE433352A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x exposes an unsafe method, which allows remote attackers to force the download of arbitrary files and possibly execute arbitrary code via the DownloadAndInstall method.\"}, {\"lang\": \"es\", \"value\": \"En Altiris eXpress NS SC la descarga del control ActiveX en AeXNSPkgDLLib.dll, como en Symantec Altiris Deployment Solution v6.9.x, Notification Server v6.0.x, y Symantec Management Platform v7.0.x expone un m\\u00e9todo inseguro, que permite a atacantes remotos forzar la descarga de archivos arbitrarios y, posiblemente, ejecutar c\\u00f3digo arbitrario a trav\\u00e9s del m\\u00e9todo DownloadAndInstall.\"}]",
      "id": "CVE-2009-3028",
      "lastModified": "2024-11-21T01:06:20.790",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2011-03-07T21:00:01.110",
      "references": "[{\"url\": \"http://secunia.com/advisories/36679\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/57893\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/36346\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.symantec.com/business/support/index?page=content\u0026id=TECH44885\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090922_00\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/36679\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/57893\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/36346\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.symantec.com/business/support/index?page=content\u0026id=TECH44885\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090922_00\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-3028\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2011-03-07T21:00:01.110\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x exposes an unsafe method, which allows remote attackers to force the download of arbitrary files and possibly execute arbitrary code via the DownloadAndInstall method.\"},{\"lang\":\"es\",\"value\":\"En Altiris eXpress NS SC la descarga del control ActiveX en AeXNSPkgDLLib.dll, como en Symantec Altiris Deployment Solution v6.9.x, Notification Server v6.0.x, y Symantec Management Platform v7.0.x expone un m\u00e9todo inseguro, que permite a atacantes remotos forzar la descarga de archivos arbitrarios y, posiblemente, ejecutar c\u00f3digo arbitrario a trav\u00e9s del m\u00e9todo DownloadAndInstall.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_deployment_solution:6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0002047-0965-4086-A5E6-AEC02200B6CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBD29C7F-B147-4CDE-8AC3-FCA6CA15C464\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DC0FB60-BF58-455B-B5D1-97EDF2D6D0E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ACB4D1D-08D2-424B-B4F6-13FCDF034833\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE56560F-6F51-479E-B69F-3F750C8A2F31\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68AF67FB-5FC8-4EAA-AF09-35D4740B967F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B096EB3-F1E7-4933-972A-0E142CA854A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp1_hf12:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FBCFF03-8C4F-4452-B841-36FEEB95E6F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C13D2DE-7EA0-4963-BA60-5D01E037D954\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D085BB2-1012-4386-AEE9-31870673BF55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADDD1F0C-3B7B-4D32-933A-A7D3E65B6049\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r10:*:*:*:*:*:*\",\"matchCriteriaId\":\"268EEE3E-B7D2-4739-80CB-64284A86CDA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r11:*:*:*:*:*:*\",\"matchCriteriaId\":\"00A3F84C-1C78-4AD9-9EFD-C3E8F0935224\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r12:*:*:*:*:*:*\",\"matchCriteriaId\":\"32BA7815-2572-496E-AC6E-4323813EEF96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r13:*:*:*:*:*:*\",\"matchCriteriaId\":\"7305D8F0-3928-434D-ADAE-788096731CDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E4DF22A-2516-41F2-B89C-F2424A6C56A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"419553B5-49BC-4789-BD32-959CF479062E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CB72176-8471-443B-BF06-829A51CCF71E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"4217C68A-2B6A-4C62-88F1-3D22C1BAE7F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1D0DA71-27E9-4AD8-8D73-2F311646E989\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r7:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E187D85-9F75-4749-9682-29F66D919E12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r8:*:*:*:*:*:*\",\"matchCriteriaId\":\"548B4DF2-D7EC-4BE7-BA52-2BDEF5577F49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r9:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC6B03D5-0E10-43CE-9B9A-4E232FF4FAEF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:management_platform:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B04B5F5-B488-4F85-9CEB-739E8B99FC54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:management_platform:7.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"F153884E-6C9B-4E33-9D01-804AD1FE99A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:management_platform:7.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"03C0AEC5-CB51-455B-A76B-F3F7D60F884A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:management_platform:7.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D740F499-2924-4807-AACE-A60391F9EF52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:management_platform:7.0:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A6EB8C4-3D2B-4A78-A670-418B36F0F0EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:management_platform:7.0:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"25FDAAB9-F0E2-448A-B5E8-2E12EE3E2BBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:management_platform:7.0:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"F26C12D4-2DC0-4BE2-A4ED-B58EE433352A\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/36679\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/57893\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/36346\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.symantec.com/business/support/index?page=content\u0026id=TECH44885\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090922_00\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/36679\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/57893\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/36346\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.symantec.com/business/support/index?page=content\u0026id=TECH44885\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090922_00\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.