Lucene search
CertccCVE-2008-4388HistoryJan 20, 2009 - 4:30 p.m.
CVE-2008-4388
2009-01-2016:30:00
CWE-20
certcc
web.nvd.nist.gov
123
cve-2008-4388
symantec
appstream client
remote code execution
activex
security vulnerability
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.6
Confidence
Low
EPSS
0.89
Percentile
98.8%
The LaunchObj ActiveX control before 5.2.2.865 in launcher.dll in Symantec AppStream Client 5.2.x before 5.2.2 SP3 MP1 does not properly validate downloaded files, which allows remote attackers to execute arbitrary code via the installAppMgr method and unspecified other methods.
Affected configurations
Node
symantecappstream_clientMatch5.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| symantec | appstream_client | 5.2 | cpe:2.3:a:symantec:appstream_client:5.2:*:*:*:*:*:*:* |
Related
d2
d2
DSquare Exploit Pack: D2SEC_APPSTREAM
2009-01-20 16:30:00
saint
saint
prion
prion
Code injection
2009-01-20 16:30:00
nvd
nvd
CVE-2008-4388
2009-01-20 16:30:00
cert
cert
packetstorm
packetstorm
seebug
seebug
Symantec AppStream客户端LaunchObj ActiveX控件任意文件下载漏洞
2009-01-16 00:00:00
exploitdb
exploitdb
metasploit
metasploit
checkpoint_advisories
checkpoint_advisories
Symantec AppStream Client LaunchObj ActiveX Control Code Execution (CVE-2008-4388)
2012-04-16 00:00:00
Symantec AppStream Client LaunchObj ActiveX Control (CVE-2008-4388)
2010-05-16 00:00:00
symantec
symantec
Symantec AppStream ActiveX Unauthorized Access
2009-01-15 08:00:00
cvelist
cvelist
CVE-2008-4388
2009-01-20 16:00:00
nessus
nessus
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.6
Confidence
Low
EPSS
0.89
Percentile
98.8%
Related for CVE-2008-4388