Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow
Gravité: : Critique
Identifiant(s) CVE: : CVE-2009-3033
Date du conseil: 21 juillet 2015
Description
Buffer overflow in the RunCmd method in the Altiris eXpress NS Console Utilities ActiveX control in AeXNSConsoleUtilities.dll in the web console in Symantec Altiris Deployment Solution 6.9.x, Altiris Notification Server 6.0.x, and Management Platform 7.0.x allows remote attackers to execute arbitrary code via a long string in the second argument.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1003849
Trend Micro Deep Security DPI Rule Name: 1003849 - Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow
Affected software and version:
- symantec altiris_deployment_solution 6.9
- symantec altiris_deployment_solution 6.9.164
- symantec altiris_deployment_solution 6.9.176
- symantec altiris_deployment_solution 6.9.355
- symantec altiris_management_platform 7.0
- symantec altiris_notification_server 6.0
- symantec altiris_notification_server 6.0_sp3