CVE-2009-1429

CVSS V2 High 10 CVSS V3 None
Description
The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function.
Overview
  • CVE ID
  • CVE-2009-1429
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2009-04-29T15:30:00
  • Last Modified Date
  • 2017-08-17T01:30:20
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:symantec:antivirus:*:-:corporate:*:*:*:*:* 1 OR 9.0
cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:* 1 OR 10.1
cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:* 1 OR 10.2
cpe:2.3:a:symantec:antivirus:-:-:srv:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:antivirus_central_quarantine_server:*:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:* 1 OR 3.1
cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:* 1 OR 11.0
cpe:2.3:a:symantec:system_center:*:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • COMPLETE
  • Integrity Impact
  • COMPLETE
  • Availability Impact
  • COMPLETE
  • Base Score
  • 10
  • Severity
  • HIGH
  • Exploitability Score
  • 10
  • Impact Score
  • 10
History
Created Old Value New Value Data Type Notes
2022-05-10 09:01:17 Added to TrackCVE