CVE-2008-2288

Published: May 18, 2008Modified: Apr 23, 2026

3.6

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:P

Exploitability: 3.9 / Impact: 4.9

Source: NVD

Description

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information.

Affected (2)

Products: Symantec: Altiris Deployment Solution

Symantec

1 product

Altiris Deployment Solution

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Symantec Altiris Deployment Solution	Version 6.8
Symantec Altiris Deployment Solution	Version 6.9

Related CWEs

CWE-264

References (14)

http://marc.info/?l=bugtraq&m=122167472229965&w=2

Source: cve@mitre.org

http://secunia.com/advisories/30261

Source: cve@mitre.org

http://www.securityfocus.com/bid/29196

Source: cve@mitre.org

http://www.securitytracker.com/id?1020024

Source: cve@mitre.org

http://www.symantec.com/avcenter/security/Content/2008.05.14a.html

Source: cve@mitre.org

Patch

http://www.vupen.com/english/advisories/2008/1542/references

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/42441

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=122167472229965&w=2