CVE-2009-1431

Severity Score

9.3

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service.

XFR.EXE en el servicio Intel File Transfer en la consola en Symantec Alert Management System 2 (AMS2), tal como se utiliza en Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 anteriores a 9.0 MR7, 10.0 y 10.1 anteriores a 10.1 MR8, y 10.2 anteriores a 10.2 MR2; Symantec Client Security (SCS) 2 anteriores a 2.0 MR7 y 3 anteriores a 3.1 MR8; y Symantec Endpoint Protection (SEP) anteriores a 11.0 MR3, permite a atacantes remotos la ejecución de código arbitrario colocando el código en un (1) compartido o (2) servidor WebDAV y luego enviando la ruta al compartido UNC de este servicio.

*Credits: N/A

CVSS Scores

NISTv2 9.3

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2009-04-24 CVE Reserved
2009-04-29 CVE Published
2023-09-16 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786	Third Party Advisory
http://secunia.com/advisories/34856	Third Party Advisory
http://www.securityfocus.com/bid/34675	Third Party Advisory
http://www.securitytracker.com/id?1022130	Third Party Advisory
http://www.securitytracker.com/id?1022131	Third Party Advisory
http://www.securitytracker.com/id?1022132	Third Party Advisory
http://www.vupen.com/english/advisories/2009/1204	Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/50179	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02	2019-09-20

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				<= 9.0 Search vendor "Symantec" for product "Antivirus" and version " <= 9.0"		corporate		Affected
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				>= 10 <= 10.2 Search vendor "Symantec" for product "Antivirus" and version " >= 10 <= 10.2"		corporate		Affected
Symantec Search vendor "Symantec"		Antivirus Search vendor "Symantec" for product "Antivirus"				-		srv		Affected
Symantec Search vendor "Symantec"		Antivirus Central Quarantine Server Search vendor "Symantec" for product "Antivirus Central Quarantine Server"				*		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				<= 2.0 Search vendor "Symantec" for product "Client Security" and version " <= 2.0"		-		Affected
Symantec Search vendor "Symantec"		Client Security Search vendor "Symantec" for product "Client Security"				>= 3.0 <= 3.1 Search vendor "Symantec" for product "Client Security" and version " >= 3.0 <= 3.1"		-		Affected
Symantec Search vendor "Symantec"		Endpoint Protection Search vendor "Symantec" for product "Endpoint Protection"				<= 11.0 Search vendor "Symantec" for product "Endpoint Protection" and version " <= 11.0"		-		Affected
Symantec Search vendor "Symantec"		System Center Search vendor "Symantec" for product "System Center"				*		-		Affected