CVE-2014-7286

Symantec Deployment Solution <6.9 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-7286. PoCs published by Parvez Anwar.

AI-analyzed exploit summary This exploit targets a privilege escalation vulnerability in Symantec Altiris Agent by overwriting the HAL dispatch table via an arbitrary write. It includes token-stealing shellcode for both Windows XP SP3 and Windows Server 2003 SP2.

Description

Buffer overflow in AClient in Symantec Deployment Solution 6.9 and earlier on Windows XP and Server 2003 allows local users to gain privileges via unspecified vectors.

Exploits (1)

exploitdb WORKING POC
by Parvez Anwar · clocalwindows
https://www.exploit-db.com/exploits/35964

This exploit targets a privilege escalation vulnerability in Symantec Altiris Agent by overwriting the HAL dispatch table via an arbitrary write. It includes token-stealing shellcode for both Windows XP SP3 and Windows Server 2003 SP2.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Symantec Altiris Agent 6.9 (Build 648) with AlKernel.sys driver
No auth needed
Prerequisites: Access to a vulnerable Windows XP SP3 or Windows Server 2003 SP2 system with Symantec Altiris Agent installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1031421
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/71727

Scores

EPSS 0.0079
EPSS Percentile 74.3%

Details

CWE
CWE-119
Status published
Products (1)
symantec/deployment_solution < 6.9
Published Dec 22, 2014
Tracked Since Feb 18, 2026