Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow
Severity: : Critical
CVE Kennungen: : CVE-2009-3033
Advisory Date: 21 de июля de 2015
DESCRIPTION
Buffer overflow in the RunCmd method in the Altiris eXpress NS Console Utilities ActiveX control in AeXNSConsoleUtilities.dll in the web console in Symantec Altiris Deployment Solution 6.9.x, Altiris Notification Server 6.0.x, and Management Platform 7.0.x allows remote attackers to execute arbitrary code via a long string in the second argument.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1003849
Trend Micro Deep Security DPI Rule Name: 1003849 - Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow
AFFECTED SOFTWARE AND VERSION:
- symantec altiris_deployment_solution 6.9
- symantec altiris_deployment_solution 6.9.164
- symantec altiris_deployment_solution 6.9.176
- symantec altiris_deployment_solution 6.9.355
- symantec altiris_management_platform 7.0
- symantec altiris_notification_server 6.0
- symantec altiris_notification_server 6.0_sp3