CVE-2008-4389

Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which allows remote Workspace Streaming servers and man-in-the-middle attackers to download arbitrary executable files onto a client system, and execute these files, via unspecified vectors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:symantec:workspace_streaming:6.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:workspace_streaming:6.1:sp1:*:*:*:*:*:*
cpe:2.3:a:symantec:workspace_streaming:6.1:sp2:*:*:*:*:*:*
cpe:2.3:a:symantec:workspace_streaming:6.1:sp3:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:symantec:appstream:5.2:*:*:*:*:*:*:*
cpe:2.3:a:symantec:appstream:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:appstream:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:symantec:appstream:5.2.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2010-06-17 16:30

Updated : 2024-02-04 17:54


NVD link : CVE-2008-4389

Mitre link : CVE-2008-4389

CVE.ORG link : CVE-2008-4389


JSON object : View

Products Affected

symantec

  • workspace_streaming
  • appstream
CWE
CWE-287

Improper Authentication