CVE-2009-1431 Vulnerability Analysis & Exploit Details

CVE-2009-1431 Vulnerability Summary

CVE-2009-1431: XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service.

Exploit Prediction Scoring System (EPSS)

The EPSS score estimates the probability that this vulnerability will be exploited in the near future.

EPSS Score: 93.803% (probability of exploit)

EPSS Percentile: 99.37% (lower percentile = lower relative risk)
This vulnerability is less risky than approximately 0.6299999999999955% of others.

CVE-2009-1431 References

External References

• http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786
• http://secunia.com/advisories/34856
• http://www.securityfocus.com/bid/34675
• http://www.securitytracker.com/id?1022130
• http://www.securitytracker.com/id?1022131
• http://www.securitytracker.com/id?1022132
• http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02
• http://www.vupen.com/english/advisories/2009/1204
• https://exchange.xforce.ibmcloud.com/vulnerabilities/50179
• http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786
• http://secunia.com/advisories/34856
• http://www.securityfocus.com/bid/34675
• http://www.securitytracker.com/id?1022130
• http://www.securitytracker.com/id?1022131
• http://www.securitytracker.com/id?1022132
• http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02
• http://www.vupen.com/english/advisories/2009/1204
• https://exchange.xforce.ibmcloud.com/vulnerabilities/50179

CWE Common Weakness Enumeration

NVD-CWE-Other

Vulnerable Configurations

• cpe:2.3:a:symantec:antivirus:-:-:corporate:*:*:*:*:*
  cpe:2.3:a:symantec:antivirus:-:-:corporate:*:*:*:*:*
• cpe:2.3:a:symantec:antivirus:-:-:srv:*:*:*:*:*
  cpe:2.3:a:symantec:antivirus:-:-:srv:*:*:*:*:*
• cpe:2.3:a:symantec:antivirus:9.0:-:corporate:*:*:*:*:*
  cpe:2.3:a:symantec:antivirus:9.0:-:corporate:*:*:*:*:*
• cpe:2.3:a:symantec:antivirus:10:*:corporate:*:*:*:*:*
  cpe:2.3:a:symantec:antivirus:10:*:corporate:*:*:*:*:*
• cpe:2.3:a:symantec:antivirus:10.1:-:*:*:corporate:*:*:*
  cpe:2.3:a:symantec:antivirus:10.1:-:*:*:corporate:*:*:*
• cpe:2.3:a:symantec:antivirus:10.1.6000.6:*:*:*:*:*:ia64:*
  cpe:2.3:a:symantec:antivirus:10.1.6000.6:*:*:*:*:*:ia64:*
• cpe:2.3:a:symantec:antivirus:10.1.9100.9:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:antivirus:10.1.9100.9:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:antivirus:10.1:maintenance_release7:*:*:corporate:*:*:*
  cpe:2.3:a:symantec:antivirus:10.1:maintenance_release7:*:*:corporate:*:*:*
• cpe:2.3:a:symantec:antivirus:10.1:maintenance_release8:*:*:corporate:*:*:*
  cpe:2.3:a:symantec:antivirus:10.1:maintenance_release8:*:*:corporate:*:*:*
• cpe:2.3:a:symantec:antivirus:10.2:-:*:*:corporate:*:*:*
  cpe:2.3:a:symantec:antivirus:10.2:-:*:*:corporate:*:*:*
• cpe:2.3:a:symantec:antivirus_central_quarantine_server:*:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:antivirus_central_quarantine_server:*:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:-:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:-:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.501:mr9:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.501:mr9:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.425a:mr1:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.425a:mr1:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.425b:mr1:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.425b:mr1:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.429c:mr2:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.429c:mr2:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:1.0_build_8.01.9374:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:1.0_build_8.01.9374:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:client_security:3.1:-:*:*:*:*:*:*
  cpe:2.3:a:symantec:client_security:3.1:-:*:*:*:*:*:*
• cpe:2.3:a:symantec:endpoint_protection:-:*:*:*:small_business:*:*:*
  cpe:2.3:a:symantec:endpoint_protection:-:*:*:*:small_business:*:*:*
• cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*
• cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*
  cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*
• cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:macos:*:*
  cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:macos:*:*
• cpe:2.3:a:symantec:system_center:*:*:*:*:*:*:*:*
  cpe:2.3:a:symantec:system_center:*:*:*:*:*:*:*:*

Other 5 Recently Published CVEs Vulnerabilities

• CVE-2025-3284 – The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Cross-Site Reques...
• CVE-2025-3278 – The UrbanGo Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.0.4. This is due to the plugi...
• CVE-2025-2010 – The JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is vulnerable to SQL Injection via the 'jobwp_upload_re...
• CVE-2025-43903 – NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.
• CVE-2025-3796 – A vulnerability classified as critical has been found in PHPGurukul Men Salon Management System 1.0. This affects an unknown part of the file /admi...