In association with heise online

16 January 2009, 15:27

Symantec closes critical hole in AppStream


Symantec has closed a critical hole in its AppStream software management platform that allows attackers to gain control of AppStream clients using specially crafted web pages. The problem is caused by unsafe methods (for example installAppMg) in LaunchObj (launcher.dll), an ActiveX control marked "safe for scripting". Attackers can use a forged server to inject and execute arbitrary code on a Windows client.

All AppStream clients up to version 5.2.2 SP3 MP1 are affected. The flawed control was fixed in this version. Symantec recommends that users download and install the update. As a workaround, US-CERT suggests setting the kill bit for this control. So far, Symantec has found no evidence indicating that the hole has been exploited.
