High severity7.8NVD Advisory· Published Jun 8, 2009· Updated Jun 16, 2026
CVE-2008-6827
CVE-2008-6827
Description
The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to (1) overwrite the CommandLine parameter to cmd.exe to use SYSTEM privileges and (2) modify the DLL that is loaded using the LoadLibrary API function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:symantec:altiris_deployment_solution:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:symantec:altiris_deployment_solution:*:*:*:*:*:*:*:*range: >=6.0,<6.9.355
- cpe:2.3:a:symantec:altiris_deployment_solution:6.9.355:-:*:*:*:*:*:*
- (no CPE)range: <6.9.355 SP1
Patches
Vulnerability mechanics
References
9- www.insomniasec.com/advisories/ISVA-081020.1.htmnvdBroken LinkPatch
- www.symantec.com/avcenter/security/Content/2008.10.20a.htmlnvdBroken LinkPatchVendor Advisory
- www.vupen.com/english/advisories/2008/2876nvdBroken LinkPatchVendor Advisory
- secunia.com/advisories/31773nvdBroken LinkVendor Advisory
- www.securityfocus.com/bid/31766nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/46006nvdThird Party AdvisoryVDB Entry
- marc.infonvdMailing List
- osvdb.org/49426nvdBroken Link
News mentions
0No linked articles in our index yet.