← Back

CVE-2009-3108

nvd nist
Published: Sep 8, 2009Modified: Apr 23, 2026

JSON object

Loading...
7.2
Vector
AV:L/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 3.9 / Impact: 10.0
Source: NVD

Description

The Aclient GUI in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 installs a client executable with insecure permissions (Everyone:Full Control), which allows local users to gain privileges by replacing the executable with a Trojan horse program.

Affected (6)

Symantec
1 product
Altiris Deployment Solution
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Symantec
Altiris Deployment Solution
Version 6.9.164
Altiris Deployment Solution
Version 6.9.176
Altiris Deployment Solution
Version 6.9.355
Altiris Deployment Solution
Version 6.9.355 sp1
Altiris Deployment Solution
Version 6.9
Altiris Deployment Solution
Version 6.9 sp1

Related CWEs

CWE-264
CWE-264

References (8)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.