CVE-2008-1754
Symantec Altiris Deployment Solution <6.9.164 - Info Disclosure
Title source: llmDescription
Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41771
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/28707
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1197/references
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29771
Patch x_refsource_confirm
http://securityresponse.symantec.com/avcenter/security/Content/2008.04.10.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1019825
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/44388
Scores
EPSS
0.0008
EPSS Percentile
24.1%
Details
CWE
CWE-310
Status
published
Products (3)
symantec/altiris_deployment_solution
6.8 sp1
symantec/altiris_deployment_solution
6.8.380
symantec/altiris_deployment_solution
< 6.8
Published
Apr 11, 2008
Tracked Since
Feb 18, 2026