CVE-2008-2287
Symantec Altiris Deployment Solution 6.8.x-6.9.x - Privilege Escalation via Install Directory Component Replacement
Title source: llmDescription
Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the install directory, which might allow local users to gain privileges by replacing an application component with a Trojan horse.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/42442
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1542/references
Mailing List vendor-advisory
x_refsource_hp
http://marc.info/?l=bugtraq&m=122167472229965&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/29197
Patch x_refsource_confirm
http://www.symantec.com/avcenter/security/Content/2008.05.14a.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1020024
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/30261
Scores
EPSS
0.0007
EPSS Percentile
20.6%
Details
CWE
CWE-264
Status
published
Products (2)
symantec/altiris_deployment_solution
6.8
symantec/altiris_deployment_solution
6.9
Published
May 18, 2008
Tracked Since
Feb 18, 2026