Symantec releases patch for application delivery program

by Jeremy Kirk

Be the first to comment | 1I like it!
Tags: AppStream, data protection, patches, Symantec

January 16, 2009, 01:18 PM — IDG News Service —

Symantec and the U.S. Computer Emergency Readiness Team are warning about a serious vulnerability within the company's AppStream product, used for steaming applications from a central server to thin-client desktops, though a patch has been released.

The product affected is AppStream version 5.2, which is part of the Symantec Endpoint Virtualization Suite formerly known as Software Virtualization Solution (SVS) Pro.

The problem lies in the LaunchObj ActiveX control, which fails to validate external input when called on by an unauthorized server. CERT wrote in a brief advisory on Friday that if a user can be convinced into viewing a specially crafted HTML (Hypertext Markup Language) document, a hacker could execute arbitrary code with the privileges of that user.

Symantec has created an update to fix the problem and advised administrators to apply it.

Both Symantec and CERT discovered the flaw, which Symantec rated as "high" severity. However, it appears that no exploits have been publicly released.

Symantec acquired AppStream in April 2008. Symantec had sold the AppStream software since 2006.

IDG News Service

I like it!

Email
Print
Share
- Slashdot
- Digg
- Stumble
- Reddit
- Newsvine

On Twitter now

symantec

Refresh results

More Symantec Results from Twitter

You are logged in | Sign out

What are you thinking?

Insert this article url

Username or email Password ITworld does not store your password

Cancel

New to Twitter? Create an account

Tweet sent

On Twitter now

symantec

More Tweets

Post a comment

Your name: *

E-mail: *

The content of this field is kept private and will not be shown publicly.

Subject:

Comment: *

Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
Lines and paragraphs break automatically.

Newsletters

Subscribe to ITWORLD TODAY and receive the latest IT news and analysis.

*E-mail address:

*Verify E-mail:

*Job Title:

*Industry:

*Company Size:

*Country

* State:

I would like to receive offers via email from ITworld partners.

By clicking submit you agree to the terms and conditions outlined in ITworld's privacy policy.

view all newsletters »

Facebook's most wanted
Social networking has a dark and hilarious side of ill-conceived criminality. Here are some of Facebook's dimmest crooks (and smartest detectives). View slideshow.

See also:

12 Types of Cell Phone Users That Drive Us Nuts

Five new technologies for your home

10 iPhone wellness apps for the comically lazy

12 Types of Tech Zealots: How to Spot Them in the Wild

	Cocoa Programming Developer's Handbook Make Mac OS X application development quick, efficient, and even fun. Enter now!
	Plug-In PHP: 100 Power Solutions 100 ready-to-run PHP plug-ins you can use to create dynamic Web content. Enter now!

Symantec releases patch for application delivery program

On Twitter now

symantec

What are you thinking?

On Twitter now

symantec

Ease integration of Unix, Linux and Windows-based computers