Vulnerabilities > Symantec > Altiris Deployment Solution > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-03-07 | CVE-2009-3028 | Unspecified vulnerability in Symantec products The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x exposes an unsafe method, which allows remote attackers to force the download of arbitrary files and possibly execute arbitrary code via the DownloadAndInstall method. network symantec | 6.8 |
| 2009-09-08 | CVE-2009-3110 | Race Condition vulnerability in Symantec Altiris Deployment Solution Race condition in the file transfer functionality in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 allows remote attackers to read sensitive files and prevent client updates by connecting to the file transfer port before the expected client does. | 5.8 |
| 2007-10-18 | CVE-2007-5555 | Information Exposure vulnerability in Symantec Altiris Deployment Solution 6 Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka "Authentication Credentials Information Leakage in Altiris Deployment Solution." NOTE: this description is based on a vague pre-advisory with no actionable information. | 6.9 |