| Max CVSS | 7.5 | Min CVSS | 3.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-2291 | 7.5 |
axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 generates credentials with a fixed salt or without any salt, which makes it easier for remote attackers to guess encrypted domain credentials.
|
09-10-2019 - 22:55 | 18-05-2008 - 14:20 | |
| CVE-2008-2286 | 7.5 |
SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet.
|
11-10-2018 - 20:40 | 18-05-2008 - 14:20 | |
| CVE-2008-2289 | 7.2 |
Unspecified vulnerability in a tooltip element in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.
|
08-08-2017 - 01:30 | 18-05-2008 - 14:20 | |
| CVE-2008-2287 | 7.2 |
Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 does not properly protect the install directory, which might allow local users to gain privileges by replacing an application component with a Trojan horse.
|
08-08-2017 - 01:30 | 18-05-2008 - 14:20 | |
| CVE-2008-2288 | 3.6 |
Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information.
|
08-08-2017 - 01:30 | 18-05-2008 - 14:20 | |
| CVE-2008-2290 | 7.2 |
Unspecified vulnerability in the Agent user interface in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows local users to gain privileges via unknown attack vectors.
|
08-08-2017 - 01:30 | 18-05-2008 - 14:20 |