CVE-2007-3874

2007-11-0619:46:00

CWE-22

[email protected]

web.nvd.nist.gov

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.006

Percentile

79.3%

JSON

Directory traversal vulnerability in the tftp/mftp daemon in the PXE server component (pxemtftp.exe) in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows remote attackers to read arbitrary files via unspecified vectors.

Affected configurations

Nvd

Node

altirisdeployment_solutionMatch6.0

altirisdeployment_solutionMatch6.8

altirisdeployment_solutionMatch6.8sp1

altirisdeployment_solutionMatch6.8sp2

VendorProductVersionCPE
altirisdeployment_solution6.0cpe:2.3:a:altiris:deployment_solution:6.0:*:*:*:*:*:*:*
altirisdeployment_solution6.8cpe:2.3:a:altiris:deployment_solution:6.8:*:*:*:*:*:*:*
altirisdeployment_solution6.8cpe:2.3:a:altiris:deployment_solution:6.8:sp1:*:*:*:*:*:*
altirisdeployment_solution6.8cpe:2.3:a:altiris:deployment_solution:6.8:sp2:*:*:*:*:*:*

Vendor	Product	Version	CPE
altiris	deployment_solution	6.0	cpe:2.3:a:altiris:deployment_solution:6.0:::::::*
altiris	deployment_solution	6.8	cpe:2.3:a:altiris:deployment_solution:6.8:::::::*
altiris	deployment_solution	6.8	cpe:2.3:a:altiris:deployment_solution:6.8:sp1::::::
altiris	deployment_solution	6.8	cpe:2.3:a:altiris:deployment_solution:6.8:sp2::::::