Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:F206549791FC97B4BEBF99C4F57684F9
HistoryNov 06, 2009 - 12:00 a.m.

Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow

2009-11-0600:00:00
SAINT Corporation
download.saintcorporation.com
14

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.96

Percentile

99.5%

JSON

Added: 11/06/2009
CVE: CVE-2009-3031
BID: 36698
OSVDB: 59597

Background

Symantec Altiris Deployment Solution provides tools to deploy software on desktops and servers.

Problem

A stack buffer overflow vulnerability in the AeXNSConsoleUtilities.dll ActiveX control allows remote attackers to execute arbitrary commands when processing overly long arguments passed to the BrowseAndSaveFile() method.

Resolution

Apply one of the solutions shown in SYM09-015.

References

<http://www.securityfocus.com/bid/36698&gt;

Limitations

Exploit works on Symantec Altiris Deployment Solution 6.9 and requires the user to open the exploit page in Internet Explorer 6 or 7.

Platforms

Windows

Related

saint 3
symantec 1
securityvulns 2
seebug 5
cve 1
zdt 1
nessus 1
prion 1
exploitdb 2
cvelist 1
metasploit 1
packetstorm 1
nvd 1
checkpoint_advisories 1
saint
saint
Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow
2009-11-06 00:00:00
Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow
2009-11-06 00:00:00
Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow
2009-11-06 00:00:00
symantec
symantec
Symantec Altiris Deployment Solution and Notification Server Management Web Console Browse and Save
2009-11-02 08:00:00
securityvulns
securityvulns
Symantec Altiris Notification Server / Symantec Management Platform / Symantec Altiris Deployment Solution ActiveX buffer overflow
2009-11-05 00:00:00
NSOADV-2009-001: Symantec ConsoleUtilities ActiveX Control Buffer Overflow
2009-11-05 00:00:00
seebug
seebug
Symantec Altiris产品ConsoleUtilities ActiveX控件栈溢出漏洞
2009-11-03 00:00:00
Symmantec ConsoleUtilities
2009-11-02 00:00:00
Symantec ConsoleUtilities ActiveX Control Buffer
2009-11-03 00:00:00
cve
cve
CVE-2009-3031
2009-11-03 16:30:10
zdt
zdt
Symantec ConsoleUtilities ActiveX Buffer Overflow
2009-11-02 00:00:00
nessus
nessus
Altiris ConsoleUtilities 'BrowseAndSaveFile()' ActiveX Control Buffer Overflow
2009-11-04 00:00:00
prion
prion
Stack overflow
2009-11-03 16:30:00
exploitdb
exploitdb
Symantec ConsoleUtilities - ActiveX Control Buffer Overflow (Metasploit)
2010-11-11 00:00:00
Symantec ConsoleUtilities - ActiveX Buffer Overflow (Metasploit)
2009-11-02 00:00:00
cvelist
cvelist
CVE-2009-3031
2009-11-03 16:00:00
metasploit
metasploit
Symantec ConsoleUtilities ActiveX Control Buffer Overflow
2009-11-02 21:02:45
packetstorm
packetstorm
Symantec ConsoleUtilities ActiveX Control Metasploit Exploit
2009-11-03 00:00:00
nvd
nvd
CVE-2009-3031
2009-11-03 16:30:10
checkpoint_advisories
checkpoint_advisories
Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow (CVE-2009-3031; CVE-2009-3033)
2009-12-16 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.96

Percentile

99.5%

JSON
Related for SAINT:F206549791FC97B4BEBF99C4F57684F9
saint3symantec1securityvulns2seebug5cve1zdt1nessus1prion1exploitdb2cvelist1metasploit1packetstorm1nvd1checkpoint_advisories1