ActiveX Control Vulnerability in Symantec Altiris Deployment Solution
CVE-2009-3028
Currently unrated
What is CVE-2009-3028?
The Altiris eXpress NS SC Download ActiveX control, located in AeXNSPkgDLLib.dll, is susceptible to exploitation. This vulnerability allows remote attackers to use the DownloadAndInstall method to initiate the download of arbitrary files. If successfully leveraged, this can lead to the execution of malicious code on a target system. Organizations utilizing Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, or Symantec Management Platform 7.0.x should be aware of this risk and take necessary precautions.