Intrusion Prevention

Symantec.Altiris.Deployment.ActiveX.Downloadandinstall.Access

Description

This indicates an attempt to exploit a code execution vulnerability in Symantec Altiris Deployment Solution.
The vulnerability is located in the "AeXNSPkgDLLib.dll" ActiveX control through miss-use of "DownloadAndInstall" method. It may allow remote attackers to download and install arbitrary files in vulnerable systems.

Affected Products

Symantec Altiris Deployment Solution 6.9 sp3

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Set the kill bit for the affected ActiveX control.

CVE References

CVE-2009-3028 CVE-2009-3179