CVE-2009-3033

Description

Buffer overflow in the RunCmd method in the Altiris eXpress NS Console Utilities ActiveX control in AeXNSConsoleUtilities.dll in the web console in Symantec Altiris Deployment Solution 6.9.x, Altiris Notification Server 6.0.x, and Management Platform 7.0.x allows remote attackers to execute arbitrary code via a long string in the second argument.

References

https://kb.altiris.com/article.asp?article=50279&p=1

https://kb.altiris.com/article.asp?article=50072&p=1

https://exchange.xforce.ibmcloud.com/vulnerabilities/54415

http://www.vupen.com/english/advisories/2009/3328

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091124_00

http://osvdb.org/60496

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3