Check Point Advisories

Update Protection against Symantec AppStream Client LaunchObj ActiveX Control Program Execution

Check Point Reference: CPAI-2009-023
Date Published: 23 Jan 2009
Severity: Medium
Last Updated: Thursday 01 January, 2009
Source: Secunia Advisory: SA33582
Industry Reference: CVE-2008-4388
Protection Provided by:
Who is Vulnerable? Symantec AppStream Client 5.x
Vulnerability Description: A remote code execution vulnerability was reported in Symantec AppStream Client. The AppStream Client is part of a Software Virtualization Solution (SVS) which allows streaming of virtual applications to users in an enterprise environment using the AppStream Server. The vulnerability is due to the client's failure to properly validate whether the server to which it connects is valid and authorized. Remote unauthenticated attackers can exploit this vulnerability by masquerading as a valid server and convincing a client to open a crafted HTML file. Successful exploitation will lead to arbitrary files being downloaded and executed within the context of the client.
Vulnerability Details: The vulnerability exists in the LaunchObj ActiveX Control. It is due to a design weakness as a result of which any web server can masquerade as a legitimate AppStream server and serve AWEClientSetup.exe. An attacker can exploit this by enticing a target user to visit a malicious web page. Successful exploitation allows execution of arbitrary code.

Protection Overview
