Filtered by vendor Symantec Subscriptions
Filtered by product Altiris Deployment Solution Subscriptions
Total 24 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-3110 1 Symantec 1 Altiris Deployment Solution 2013-02-07 N/A
Race condition in the file transfer functionality in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 allows remote attackers to read sensitive files and prevent client updates by connecting to the file transfer port before the expected client does.
CVE-2009-3109 1 Symantec 1 Altiris Deployment Solution 2013-02-07 N/A
Unspecified vulnerability in the AClient agent in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430, when key-based authentication is being used between a deployment server and a client, allows remote attackers to bypass authentication and execute arbitrary commands as SYSTEM by spoofing the deployment server and sending "alternate commands" before the handshake is completed.
CVE-2009-3028 1 Symantec 3 Altiris Deployment Solution, Altiris Notification Server, Management Platform 2013-02-07 N/A
The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x exposes an unsafe method, which allows remote attackers to force the download of arbitrary files and possibly execute arbitrary code via the DownloadAndInstall method.
CVE-2007-5555 1 Symantec 1 Altiris Deployment Solution 2008-09-05 N/A
Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka "Authentication Credentials Information Leakage in Altiris Deployment Solution." NOTE: this description is based on a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.