Vulnerability Details : CVE-2009-3028
Public exploit exists!
The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x exposes an unsafe method, which allows remote attackers to force the download of arbitrary files and possibly execute arbitrary code via the DownloadAndInstall method.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2009-3028
Probability of exploitation activity in the next 30 days: 72.80%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2009-3028
-
Symantec Altiris Deployment Solution ActiveX Control Arbitrary File Download and Execute
Disclosure Date: 2009-09-09First seen: 2020-04-26exploit/windows/browser/symantec_altirisdeployment_downloadandinstallThis module allows remote attackers to install and execute arbitrary files on a users file system via AeXNSPkgDLLib.dll (6.0.0.1418). This module was tested against Symantec Altiris Deployment Solution 6.9 sp3. Authors: - MC <mc@metasploit.com>
CVSS scores for CVE-2009-3028
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
References for CVE-2009-3028
-
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090922_00
-
http://www.securityfocus.com/bid/36346
Symantec Altiris eXpress NS SC Download ActiveX Control Arbitrary File Download VulnerabilityExploit
-
http://www.symantec.com/business/support/index?page=content&id=TECH44885
Patch
Products affected by CVE-2009-3028
- cpe:2.3:a:symantec:altiris_deployment_solution:6.9:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp2:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp1:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp3:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp4:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r7:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r6:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r10:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp1_hf12:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r4:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r5:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r3:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r2:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r13:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r9:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r1:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r11:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r12:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_notification_server:6.0:sp3_r8:*:*:*:*:*:*
- cpe:2.3:a:symantec:management_platform:7.0:sp4:*:*:*:*:*:*
- cpe:2.3:a:symantec:management_platform:7.0:sp5:*:*:*:*:*:*
- cpe:2.3:a:symantec:management_platform:7.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:symantec:management_platform:7.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:symantec:management_platform:7.0:sp3:*:*:*:*:*:*
- cpe:2.3:a:symantec:management_platform:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:management_platform:7.0:rc5:*:*:*:*:*:*