CVE-2009-3110

{"id": "CVE-2009-3110", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-09-08T23:30:00.657", "references": [{"url": "http://secunia.com/advisories/36502", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/36113", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1022779", "source": "cve@mitre.org"}, {"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-362"}]}], "descriptions": [{"lang": "en", "value": "Race condition in the file transfer functionality in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 allows remote attackers to read sensitive files and prevent client updates by connecting to the file transfer port before the expected client does."}, {"lang": "es", "value": "Condici\u00f3n de carrera en la funcionalidad de transferencia de ficheros en Symantec Altiris Deployment Solution v6.9.x anterior a v6.9 SP3 Build 430, permite a atacantes remotos leer archivos sensibles y prevenir las actualizaciones de los clientes mediante la conexi\u00f3n a un puerto de transferencia antes de que lo haga el autentico cliente."}], "lastModified": "2013-02-07T04:21:39.717", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0002047-0965-4086-A5E6-AEC02200B6CF"}, {"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBD29C7F-B147-4CDE-8AC3-FCA6CA15C464"}, {"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.9.164:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA744B2A-B81E-4E97-A720-307041478B97"}, {"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.9.176:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9301CFC-5925-4249-8439-5E2BBAF06687"}, {"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.9.355:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4070F9F-F63E-4708-8DA0-339A777383B4"}, {"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6.9.355:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C9DD5AC-7E4C-4A62-A5B3-B179359635A1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}