Vulnerabilities > Symantec > Altiris Deployment Solution
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-19 | CVE-2010-0109 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Symantec Altiris Deployment Solution DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request. | 6.5 |
| 2009-06-08 | CVE-2008-6828 | Cleartext Storage of Sensitive Information vulnerability in Symantec Altiris Deployment Solution Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server. | 7.8 |
| 2009-06-08 | CVE-2008-6827 | Missing Authentication for Critical Function vulnerability in Symantec Altiris Deployment Solution The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to (1) overwrite the CommandLine parameter to cmd.exe to use SYSTEM privileges and (2) modify the DLL that is loaded using the LoadLibrary API function. | 7.8 |