Remote Code Execution in Symantec Alert Management System by Intel File Transfer Service
CVE-2009-1431

Currently unrated

Key Information:

Vendor: Symantec
Status: Client Security; Antivirus; Antivirus Central Quarantine Server; Endpoint Protection
Vendor: CVE Published:; 29 April 2009

Summary

A vulnerability exists in the Intel File Transfer service of the Symantec Alert Management System that allows remote attackers to execute arbitrary code. By placing malicious payloads on a network share or a WebDAV server and providing the UNC share pathname to the vulnerable service, attackers can gain unauthorized access and control over the affected systems. This affects multiple Symantec products, potentially compromising the security of users' environments.

References

http://www.vupen.com/english/advisories/2009/1204

vdb-entryx_refsource_VUPEN

http://www.securitytracker.com/id?1022132

vdb-entryx_refsource_SECTRACK

http://www.securitytracker.com/id?1022130

vdb-entryx_refsource_SECTRACK

EPSS Score

29% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 29, 2009
Vulnerability Reserved
Apr 24, 2009