CVE-2008-2287

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the install directory, which might allow local users to gain privileges by replacing an application component with a Trojan horse.

Published: May 18, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-2287
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
symantec / altiris_deployment_solution	6.9	6.9.x
symantec / altiris_deployment_solution	6.8	6.8.x

http://marc.info/?l=bugtraq&m=122167472229965&w=2
http://secunia.com/advisories/30261
http://www.securityfocus.com/bid/29197
http://www.securitytracker.com/id?1020024
http://www.symantec.com/avcenter/security/Content/2008.05.14a.html
http://www.vupen.com/english/advisories/2008/1542/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42442

Vulnerability Database

290,206

CVE-2008-2287