Symantec Altiris Deployment Solution 6.8 Service Pack 2

CPE Details

Symantec Altiris Deployment Solution 6.8 Service Pack 2
6.8
2020-09-15
10h59 +00:00
2020-09-15
10h59 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:symantec:altiris_deployment_solution:6.8:sp2:*:*:*:*:*:*

Informations

Vendor

symantec

Product

altiris_deployment_solution

Version

6.8

Update

sp2

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2008-6827 2009-06-08 17h00 +00:00 The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to (1) overwrite the CommandLine parameter to cmd.exe to use SYSTEM privileges and (2) modify the DLL that is loaded using the LoadLibrary API function.
7.8
Haute
CVE-2008-6828 2009-06-08 17h00 +00:00 Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server.
7.8
Haute
CVE-2008-4564 2009-03-18 14h00 +00:00 Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.
9.3
CVE-2008-2286 2008-05-18 12h00 +00:00 SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet.
7.5
CVE-2008-2287 2008-05-18 12h00 +00:00 Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the install directory, which might allow local users to gain privileges by replacing an application component with a Trojan horse.
7.2
CVE-2008-2288 2008-05-18 12h00 +00:00 Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information.
3.6
CVE-2008-2289 2008-05-18 12h00 +00:00 Unspecified vulnerability in a tooltip element in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.
7.2
CVE-2008-2290 2008-05-18 12h00 +00:00 Unspecified vulnerability in the Agent user interface in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.
7.2
CVE-2008-2291 2008-05-18 12h00 +00:00 axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials.
7.5
CVE-2008-1754 2008-04-11 18h28 +00:00 Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory.
1.7
CVE-2008-1473 2008-03-24 21h00 +00:00 The Altiris Client Service (AClient.exe) in Symantec Altiris Deployment Solution 6.8.x before 6.9.164 allows local users to gain privileges via a "Shatter" style attack.
7.2
CVE-2007-5838 2007-11-06 18h00 +00:00 Aclient in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows local users to gain local System privileges via the "Enable key-based authentication to Deployment server" browser option, a different issue than CVE-2007-4380.
7.2
CVE-2007-4380 2007-08-16 16h00 +00:00 Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 (6.8.378) allows local users to gain local System privileges via the Log File Viewer.
7.2