Symantec Altiris eXpress NS SC Download ActiveX Control Arbitrary File Download Vulnerability
Altiris eXpress NS SC Download ActiveX control is prone to a vulnerability that can allow malicious files to be downloaded and saved to arbitrary locations on an affected computer.
Attackers may exploit this issue to put malicious files in arbitrary locations and execute them within the context of the affected application that uses the affected control (typically Internet Explorer). Other attacks are also possible.
Altiris eXpress NS SC Download ActiveX control 22.214.171.1248 is vulnerable; other versions may also be affected. This control is installed with the following applications:
Altiris Deployment Solution
Altiris Notification Server
Symantec Management Platform
This vulnerability may be related to one of the issues described in BID 36247 (Symantec Altiris Deployment Solution Multiple Remote Vulnerabilities).