Release DateOct 27, 2011 |
Severityhigh |
ImpactSystem compromise: Remote code execution. |
DescriptionThis indicates a possible attack on a Command Execution vulnerability in the Intel LANDesk Common Base Agent in Symantec Alert Management System 2, which is used in multiple Symantec products.The vulnerability is due to the software's inability to properly handle malformed user supplied input. A remote attacker can exploit this to execute arbitrary code. |
Affected ProductsSymantec AntiVirus Corporate Edition 9.0 MR6 and earlier.Symantec Client Security 2.0 MR6 and earlier. Symantec Endpoint Protection 11.0 MR2 and earlier. |
Recommended ActionsPlease refer to the vendor's advisory for the latest updates or patches:http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-1431 |
