ActiveX Control Vulnerability in Symantec Altiris Deployment Solution
CVE-2009-3028

Currently unrated

Key Information:

Vendor

Symantec
Status
Altiris Deployment Solution
Vendor
CVE Published:
7 March 2011

What is CVE-2009-3028?

The Altiris eXpress NS SC Download ActiveX control, located in AeXNSPkgDLLib.dll, is susceptible to exploitation. This vulnerability allows remote attackers to use the DownloadAndInstall method to initiate the download of arbitrary files. If successfully leveraged, this can lead to the execution of malicious code on a target system. Organizations utilizing Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, or Symantec Management Platform 7.0.x should be aware of this risk and take necessary precautions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/36346
vdb-entryx_refsource_BID
http://www.osvdb.org/57893
vdb-entryx_refsource_OSVDB
http://www.symantec.com/security_response/securityupdates...
x_refsource_CONFIRM

EPSS Score

70% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.