CVE-2008-6827

7.8HIGH

Key Information:

Vendor
Symantec
Status
Altiris Deployment Solution
Altiris Notification Server
Vendor
CVE Published:
8 June 2009

Badges

👾 Exploit Exists🟡 Public PoC

Summary

The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to (1) overwrite the CommandLine parameter to cmd.exe to use SYSTEM privileges and (2) modify the DLL that is loaded using the LoadLibrary API function.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2008-6827
Created by alt3kx

References

http://www.securitytracker.com/id?1021071
vdb-entryx_refsource_SECTRACK
http://marc.info/?l=bugtraq&m=122460544316205&w=2
mailing-listx_refsource_BUGTRAQ
http://www.symantec.com/avcenter/security/Content/2008.10...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.