Is CVE-2009-3028 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Symantec Altiris_deployment_solution

CVE-2009-3028

The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x exposes an unsafe method, which allows remote…

EPSS: 0.626 (98.4th percentile) — read the EPSS interpretation.

Affected products

Symantec Altiris_deployment_solution — versions 6.9
Symantec Altiris_notification_server — versions 6.0
Symantec Management_platform — versions 7.0
N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

36346 (Exploit, vdb-entry, x_refsource_BID)
57893 (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_CONFIRM, Patch)
36679 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)

Frequently asked questions

What is CVE-2009-3028?: CVE-2009-3028 is a vulnerability in Symantec Altiris_deployment_solution. Published 2011-03-07.
Is CVE-2009-3028 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.