Symantec releases patch for application delivery program

by Jeremy Kirk
Be the first to comment | 1I like it!
Tags: AppStream, data protection, patches, Symantec
January 16, 2009, 12:18 PM —  IDG News Service — 

Symantec and the U.S. Computer Emergency Readiness Team are warning about a serious vulnerability within the company's AppStream product, used for steaming applications from a central server to thin-client desktops, though a patch has been released.

The product affected is AppStream version 5.2, which is part of the Symantec Endpoint Virtualization Suite formerly known as Software Virtualization Solution (SVS) Pro.

The problem lies in the LaunchObj ActiveX control, which fails to validate external input when called on by an unauthorized server. CERT wrote in a brief advisory on Friday that if a user can be convinced into viewing a specially crafted HTML (Hypertext Markup Language) document, a hacker could execute arbitrary code with the privileges of that user.

Symantec has created an update to fix the problem and advised administrators to apply it.

Both Symantec and CERT discovered the flaw, which Symantec rated as "high" severity. However, it appears that no exploits have been publicly released.

Symantec acquired AppStream in April 2008. Symantec had sold the AppStream software since 2006.

IDG News Service

Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world

I like it!
Close

On Twitter now

symantec

Powered by Twitter
Refresh results
You are logged in | Sign out
Sign in and post to Twitter

What are you thinking?

Insert this article url
Cancel Tweet sent

On Twitter now

Post a comment
The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
Newsletters

Subscribe to ITWORLD TODAY and receive the latest IT news and analysis.

I would like to receive offers via email from ITworld partners.
By clicking submit you agree to the terms and conditions outlined in ITworld's privacy policy.
view all newsletters »
EyeSeeCam

19 Weird but Real Gadgets and Gizmos
Take a walk on tech's wild side with some of the strangest, most original, and most bizarre gadgets you've ever seen. We've got vacuums for your lawn, swimwear that can charge your iPod, and grenades that don't explode but still go boom. View slideshow.

See also:

Marketplace