CVSS: 8.8EPSS: 6%CPEs: 8EXPL: 0CVE-2015-5689 – Symantec Ghost Out-Of-Bounds Indexing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-5689
03 Sep 2015 — ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Suite (GSS) before 3.0 HF2 12.0.0.8010 and Symantec Deployment Solution (DS) before 7.6 HF4 12.0.0.7045 performs improper sign-extend operations before array-element accesses, which allows remote attackers to execute arbitrary code, cause a denial of service (application crash), or possibly obtain sensitive information via a crafted Ghost image. Vulnerabilidad en ghostexp.exe en Ghost Explorer Utility en Symantec Ghost Solutions Suite (GSS) ... • http://www.securityfocus.com/bid/76498 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2014-7286 – Symantec Altiris Agent 6.9 (Build 648) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2014-7286
22 Dec 2014 — Buffer overflow in AClient in Symantec Deployment Solution 6.9 and earlier on Windows XP and Server 2003 allows local users to gain privileges via unspecified vectors. Desbordamiento de buffer en AClient en Symantec Deployment Solution 6.9 y anteriores en Windows XP y Server 2003 permite a usuarios locales obtener privilegios a través de vectores sin especificar. • https://www.exploit-db.com/exploits/35964 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2007-3874
https://notcve.org/view.php?id=CVE-2007-3874
06 Nov 2007 — Directory traversal vulnerability in the tftp/mftp daemon in the PXE server component (pxemtftp.exe) in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows remote attackers to read arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en el demonio tftp/mftp en el componente del servidor PXE (pxemtftp.exe) en Symantec Altiris Deployment Solution 6.x anterior a 6.8.380.0 permite a atacantes remotos leer archivos de su elección a través de vectores no especificados. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=619 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 3CVE-2005-1590 – Altiris Deployment Solution 5.6 - Client Service Privilege Escalation
https://notcve.org/view.php?id=CVE-2005-1590
16 May 2005 — The Altiris Client Service for Windows (ACLIENT.EXE) 6.0.88 allows local users to disable password protection and access the administrative interface by finding and showing the "Altiris Client Service" hidden window, disabling the password protection, disabling the "Hide client tray icon box" option, then opening the AClient tray icon and using the View Log File option, a different vulnerability than CVE-2004-2070. • https://www.exploit-db.com/exploits/24754 •