The Aclient GUI in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 installs a client executable with insecure permissions (Everyone:Full Control), which allows local users to gain privileges by replacing the executable with a Trojan horse program.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2009-09-08T23:00:00
Updated: 2013-02-07T10:00:00
Reserved: 2009-09-08T00:00:00
Link: CVE-2009-3108
JSON object: View
NVD Information
Status : Modified
Published: 2009-09-08T23:30:00.593
Modified: 2013-02-07T04:21:39.360
Link: CVE-2009-3108
JSON object: View
Redhat Information
No data.
CWE