Required CVE Record Information
Description
The LaunchObj ActiveX control before 5.2.2.865 in launcher.dll in Symantec AppStream Client 5.2.x before 5.2.2 SP3 MP1 does not properly validate downloaded files, which allows remote attackers to execute arbitrary code via the installAppMgr method and unspecified other methods.
References 4 Total
- kb.cert.org: VU#194505 third-party-advisory
- http://www.symantec.com/avcenter/security/Content/2009.01.15.html
- securityfocus.com: 33247 vdb-entry
- securitytracker.com: 1021609 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- kb.cert.org: VU#194505 third-party-advisoryx_transferred
- http://www.symantec.com/avcenter/security/Content/2009.01.15.html x_transferred
- securityfocus.com: 33247 vdb-entryx_transferred
- securitytracker.com: 1021609 vdb-entryx_transferred