Added: 11/06/2009
CVE: CVE-2009-3031
BID: 36698
OSVDB: 59597
Symantec Altiris Deployment Solution provides tools to deploy software on desktops and servers.
A stack buffer overflow vulnerability in the AeXNSConsoleUtilities.dll ActiveX control allows remote attackers to execute arbitrary commands when processing overly long arguments passed to the BrowseAndSaveFile() method.
Apply one of the solutions shown in SYM09-015.
<http://www.securityfocus.com/bid/36698>
Exploit works on Symantec Altiris Deployment Solution 6.9 and requires the user to open the exploit page in Internet Explorer 6 or 7.
Windows