Vulnerabilities > Symantec > Altiris Deployment Solution > Medium

DATE CVE VULNERABILITY TITLE RISK
2011-03-07 CVE-2009-3028 Unspecified vulnerability in Symantec products
The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x exposes an unsafe method, which allows remote attackers to force the download of arbitrary files and possibly execute arbitrary code via the DownloadAndInstall method.
network
symantec
6.8
2009-09-08 CVE-2009-3110 Race Condition vulnerability in Symantec Altiris Deployment Solution
Race condition in the file transfer functionality in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 allows remote attackers to read sensitive files and prevent client updates by connecting to the file transfer port before the expected client does.
network
symantec CWE-362
5.8
2007-10-18 CVE-2007-5555 Information Exposure vulnerability in Symantec Altiris Deployment Solution 6
Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka "Authentication Credentials Information Leakage in Altiris Deployment Solution." NOTE: this description is based on a vague pre-advisory with no actionable information.
6.9