Threat Monitor
Troj.Downloader.JS.Agent.ent
| Aliase: | |
|---|---|
| Pattern: | 200910161330 |
| Threat Typ | Verbreitung | Betroffene Systeme | Gefährlichkeit |
|---|---|---|---|
|
|
|
This malicious program exploits vulnerability CVE-2008-4388.
Symantec AppStream is an application deployment framework for Microsoft Windows. Symantec AppStream Client is prone to a Code Execution vulnerability. The vulnerability is caused due to the LaunchObj ActiveX control (launcher.dll) with the CLSID: 3356DB7C-58A7-11D4-AA5C-006097314BF8 containing the "installAppMgr()" insecure method. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim.
Affected Version: Symantec AppStream Client 5.2
Symantec AppStream is an application deployment framework for Microsoft Windows. Symantec AppStream Client is prone to a Code Execution vulnerability. The vulnerability is caused due to the LaunchObj ActiveX control (launcher.dll) with the CLSID: 3356DB7C-58A7-11D4-AA5C-006097314BF8 containing the "installAppMgr()" insecure method. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim.
Affected Version: Symantec AppStream Client 5.2
