Trend Micro Security

Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow

2015年7月21日
  危険度: : 緊急
  CVE識別番号: CVE-2009-3033

  概要

Buffer overflow in the RunCmd method in the Altiris eXpress NS Console Utilities ActiveX control in AeXNSConsoleUtilities.dll in the web console in Symantec Altiris Deployment Solution 6.9.x, Altiris Notification Server 6.0.x, and Management Platform 7.0.x allows remote attackers to execute arbitrary code via a long string in the second argument.

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1003849
  Trend Micro Deep Security DPI Rule Name: 1003849 - Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow

  影響を受けるソフトウェア

  • symantec altiris_deployment_solution 6.9
  • symantec altiris_deployment_solution 6.9.164
  • symantec altiris_deployment_solution 6.9.176
  • symantec altiris_deployment_solution 6.9.355
  • symantec altiris_management_platform 7.0
  • symantec altiris_notification_server 6.0
  • symantec altiris_notification_server 6.0_sp3