Kaspersky LabKLA10058KLA10058 WLF vulnerability in Altiris Notification Server
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
98.1%
An unspecified vulnerability was found in the Symantec products. By exploiting this vulnerability malicious users can download and write local files. This vulnerability can be exploited from the network at a point related to eXpress NS SC Download.
Original advisories
Related products
Altiris-Notification-Server-Agent
CVE list
CVE-2009-3028 high
Solution
Update to latest version
Impacts
- WLF
Write Local Files. Exploitation of vulnerabilities with this impact can lead to writing into some inaccessible files. Files that can be read depends on concrete program errors.
Affected Products
- Symantec Altiris Deployment Solution 6.9 all versionsSymantec Altiris Notification Server 6.0 all versionsSymantec Management Platform 7.0 all versions
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
98.1%