CVE-2008-6827

HIGHCVSS 7.8

7.8

The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to (1) overwrite the CommandLine parameter to cmd.exe to use SYSTEM privileges and (2) modify the DLL that is loaded using the LoadLibrary API function.

🔗 References (18)

cve@mitrehttp://marc.info/?l=bugtraq&m=122460544316205&w=2
cve@mitrehttp://osvdb.org/49426
cve@mitrehttp://secunia.com/advisories/31773
cve@mitrehttp://www.insomniasec.com/advisories/ISVA-081020.1.htm
cve@mitrehttp://www.securityfocus.com/bid/31766
cve@mitrehttp://www.securitytracker.com/id?1021071
cve@mitrehttp://www.symantec.com/avcenter/security/Content/2008.10.20a.html
cve@mitrehttp://www.vupen.com/english/advisories/2008/2876
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/46006
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=122460544316205&w=2
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/49426
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31773
af854a3a-2127-422b-91ae-364da2661108http://www.insomniasec.com/advisories/ISVA-081020.1.htm
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/31766
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1021071

Is Your Infrastructure Affected by CVE-2008-6827?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-6827

📅 Published

🔄 Last Modified

🔗 References (18)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-6827?