HTTP: Symantec Altiris Products ActiveX Control
This signature detects attempts to use unsafe ActiveX controls of Multiple Symantec Altiris Products. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Symantec Altiris Notification Server with Symantec Management Platform and Altiris Deployment Solution are prone to a buffer-overflow vulnerability because the applications use an ActiveX control provided by 'AeXNSConsoleUtilities.dll' that fails to properly validate user-supplied input. An attacker can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.
Affected Products
Symantec altiris_deployment_solution
References
CVE: CVE-2009-3033
URL: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091102_00 http://sotiriu.de/adv/nsoadv-2009-001.txt http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091124_00 http://www.vupen.com/english/advisories/2009/3328
Short Name
HTTP:STC:ACTIVEX:ALTIRIS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX Altiris CVE-2009-3031 CVE-2009-3033 Control Products Symantec bid:36698 bid:37092
Release Date
11/09/2009
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3725
False Positive
Unknown
Vendors
Symantec
CVSS Score
9.3