CVE-2008-4388

The LaunchObj ActiveX control before 5.2.2.865 in launcher.dll in Symantec AppStream Client 5.2.x before 5.2.2 SP3 MP1 does not properly validate downloaded files, which allows remote attackers to execute arbitrary code via the installAppMgr method and unspecified other methods...

Symantec AppStream LaunchObj - ActiveX Control Arbitrary File Download and Execute (Metasploit)

$Id: symantecappstreamunsafe.rb 11127 2010-11-24 19:35:38Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2008-4388

creationtimestamp| type| source ---|---|--- 2010-11-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16512 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/symantecappstreamunsafe.rb 2025-02-06...

Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute.

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Symantec AppStrea...

Symantec AppStream Client LaunchObj ActiveX Control installAppMgr vulnerability

Added: 03/31/2009 CVE: CVE-2008-4388 BID: 33247 OSVDB: 51410 Background Symantec AppStream is an application deployment framework. Problem The LaunchObj ActiveX control exposes the installAppMgr method, which can be used to download and execute arbitrary code. This could allow command execution...

Symantec AppStream Client LaunchObj ActiveX Control installAppMgr vulnerability

Added: 03/31/2009 CVE: CVE-2008-4388 BID: 33247 OSVDB: 51410 Background Symantec AppStream is an application deployment framework. Problem The LaunchObj ActiveX control exposes the installAppMgr method, which can be used to download and execute arbitrary code. This could allow command execution...

DSquare Exploit Pack: D2SEC_APPSTREAM

Name| d2secappstream ---|--- CVE| CVE-2008-4388 Exploit Pack| D2ExploitPack Description| Symantec AppStream Client LaunchObj ActiveX Arbitrary Code Execution Vulnerability Notes|...

CVE-2008-4388

The LaunchObj ActiveX control before 5.2.2.865 in launcher.dll in Symantec AppStream Client 5.2.x before 5.2.2 SP3 MP1 does not properly validate downloaded files, which allows remote attackers to execute arbitrary code via the installAppMgr method and unspecified other methods...

CVE-2008-4388

CVE-2008-4388 affects Symantec AppStream Client 5.x with the LaunchObj ActiveX control (launcher.dll) prior to 5.2.2 SP3 MP1. The issue arises in the installAppMgr() method (and unspecified other methods), where downloaded files are not properly validated, enabling remote code execution via a cra...

Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute

This module exploits a vulnerability in Symantec AppStream Client 5.x. The vulnerability is in the LaunchObj ActiveX control launcher.dll 5.1.0.82 containing the "installAppMgr" method. The insecure method can be exploited to download and execute arbitrary files in the context of the currently...