Altiris Altiris.AeXNSPkgDL.1 ActiveX Control DownloadAndInstall() Method Arbitrary Code Execution

High Nessus Plugin ID 41062


The remote Windows host has an ActiveX control that allows execution of arbitrary code.


The Altiris.AeXNSPkgDL.1 ActiveX control, a component of Altiris Deployment Solution, Altiris Notification Server, and Symantec Management Platform, is installed on the remote Windows host.

The installed version of this control provides an unsafe method, named 'DownloadAndInstall'.

If an attacker can trick a user on the affected host into viewing a specially crafted HTML document, this issue could be leveraged to download and execute arbitrary code on the affected system subject to the user's privileges.


Either set the kill bit or apply the vendor's hotfix to upgrade the control to version or later.

See Also

Plugin Details

Severity: High

ID: 41062

File Name: altiris_aexnspkgdllib_activex_download.nasl

Version: $Revision: 1.13 $

Type: local

Agent: windows

Family: Windows

Published: 2009/09/23

Modified: 2014/06/06

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/09/23

Vulnerability Publication Date: 2009/09/09

Exploitable With

CANVAS (D2ExploitPack)

Metasploit (Symantec Altiris Deployment Solution ActiveX Control Arbitrary File Download and Execute)

Reference Information

CVE: CVE-2009-3028

BID: 36346

OSVDB: 57893

Secunia: 36679

CWE: 264