Symantec AppStream Client LaunchObj ActiveX Control installAppMgr vulnerability

Added: 03/31/2009
CVE: CVE-2008-4388
BID: 33247
OSVDB: 51410

Background

Symantec AppStream is an application deployment framework.

Problem

The LaunchObj ActiveX control exposes the installAppMgr method, which can be used to download and execute arbitrary code. This could allow command execution when a user opens a specially crafted web page.

Resolution

Upgrade to Symantec AppStream Client 5.2.2 SP3 MP1 or set the kill bit for class ID {3356DB7C-58A7-11D4-AA5C-006097314BF8} as described in Microsoft article 240797.
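
One way to apply and verify the kill-bit workaround, as an added example that is not part of the original advisory or vendor tooling. The registry location and the 0x400 Compatibility Flags value are those documented in Microsoft article 240797; the function names and the handling of the Wow6432Node view (read by 32-bit Internet Explorer on 64-bit Windows) are this example's own.

```powershell
# Added example: audit and set the IE kill bit for the LaunchObj control.
# Run from an elevated PowerShell prompt (writes under HKLM).
$Clsid   = '{3356DB7C-58A7-11D4-AA5C-006097314BF8}'   # class ID from the advisory
$KillBit = 0x400                                      # kill-bit flag per KB 240797

# Native view plus the 32-bit view used on 64-bit Windows.
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

# Hypothetical helper: report the current flags for the class ID under one root.
function Get-KillBitState {
    param([string]$Root, [string]$Clsid)
    $key   = Join-Path $Root $Clsid
    $flags = 0
    if (Test-Path -LiteralPath $key) {
        $prop = Get-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' `
                    -ErrorAction SilentlyContinue
        if ($prop) { $flags = $prop.'Compatibility Flags' }
    }
    [pscustomobject]@{
        Key    = $key
        Flags  = ('0x{0:X}' -f $flags)
        Raw    = $flags
        Killed = (($flags -band $KillBit) -ne 0)
    }
}

# Hypothetical helper: set the kill bit, preserving any other flags already present.
function Set-KillBit {
    param([string]$Root, [string]$Clsid)
    $state = Get-KillBitState -Root $Root -Clsid $Clsid
    if ($state.Killed) { return }
    if (-not (Test-Path -LiteralPath $state.Key)) {
        New-Item -Path $state.Key -Force | Out-Null
    }
    New-ItemProperty -LiteralPath $state.Key -Name 'Compatibility Flags' `
        -PropertyType DWord -Value ($state.Raw -bor $KillBit) -Force | Out-Null
}

foreach ($root in $Roots) {
    if (-not (Test-Path -LiteralPath $root)) { continue }   # view absent on this OS
    Set-KillBit -Root $root -Clsid $Clsid
    Get-KillBitState -Root $root -Clsid $Clsid | Select-Object Key, Flags, Killed
}
```

Every view present on the host should report Killed as True after the run; Internet Explorer must be restarted before the setting takes effect.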

References

http://www.kb.cert.org/vuls/id/194505
http://securityresponse.symantec.com/avcenter/security/Content/2009.01.15.html

Limitations

Exploit works on Symantec AppStream Client 5.2.1 and requires a user to open the exploit page in Internet Explorer.

Platforms

Windows
