CVE-2009-1431

XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service.
References
Link Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786 Third Party Advisory
http://secunia.com/advisories/34856 Third Party Advisory
http://www.securityfocus.com/bid/34675 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1022130 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1022131 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1022132 Third Party Advisory VDB Entry
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 Vendor Advisory
http://www.vupen.com/english/advisories/2009/1204 Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/50179 Third Party Advisory VDB Entry
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786 Third Party Advisory
http://secunia.com/advisories/34856 Third Party Advisory
http://www.securityfocus.com/bid/34675 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1022130 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1022131 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1022132 Third Party Advisory VDB Entry
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 Vendor Advisory
http://www.vupen.com/english/advisories/2009/1204 Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/50179 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:symantec:antivirus:*:-:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:antivirus:-:-:srv:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_central_quarantine_server:*:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*
cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*
cpe:2.3:a:symantec:system_center:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:02

Type Values Removed Values Added
References () http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786 - Third Party Advisory () http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786 - Third Party Advisory
References () http://secunia.com/advisories/34856 - Third Party Advisory () http://secunia.com/advisories/34856 - Third Party Advisory
References () http://www.securityfocus.com/bid/34675 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/34675 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id?1022130 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id?1022130 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id?1022131 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id?1022131 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id?1022132 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id?1022132 - Third Party Advisory, VDB Entry
References () http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 - Vendor Advisory () http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 - Vendor Advisory
References () http://www.vupen.com/english/advisories/2009/1204 - Third Party Advisory () http://www.vupen.com/english/advisories/2009/1204 - Third Party Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/50179 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/50179 - Third Party Advisory, VDB Entry

Information

Published : 2009-04-29 15:30

Updated : 2024-11-21 01:02


NVD link : CVE-2009-1431

Mitre link : CVE-2009-1431

CVE.ORG link : CVE-2009-1431


JSON object : View

Products Affected

symantec

  • endpoint_protection
  • antivirus
  • client_security
  • antivirus_central_quarantine_server
  • system_center