Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4389

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-4389
Last Modified 06 Feb 2013 11:05:49
Published 17 Jun 2010 12:30:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4389

Summary

Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which allows remote Workspace Streaming servers and man-in-the-middle attackers to download arbitrary executable files onto a client system, and execute these files, via unspecified vectors.

Vulnerable Systems

Application

  • Symantec Appstream 5.2

  • Symantec Appstream 5.2.1

  • Symantec Appstream 5.2.2

  • Symantec Appstream 5.2.3

  • Symantec Workspace Streaming 6.1


References

CERT-VN - VU#221257

CONFIRM - http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100616_00

XF - symantec-appstream-download-ce(59504)

VUPEN - ADV-2010-1511

BID - 40611

SECUNIA - 40233

CONFIRM - http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100616_00


Last Updated: 27 May 2016 11:01:48