CyberSec.Space Logo
Back to CVE Browser

CVE-2008-4389

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.1830%
EPSS Percentile21.77th
PublishedJun 17, 2010
Last ModifiedApr 29, 2026

Vulnerability Description

Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which allows remote Workspace Streaming servers and man-in-the-middle attackers to download arbitrary executable files onto a client system, and execute these files, via unspecified vectors.

Affected Platforms (CPE)

πŸ“¦
Symantec

Workspace Streaming

= 6.1
πŸ“¦
Symantec

Workspace Streaming

= 6.1
πŸ“¦
Symantec

Workspace Streaming

= 6.1
πŸ“¦
Symantec

Workspace Streaming

= 6.1
πŸ“¦
Symantec

Appstream

= 5.2
πŸ“¦
Symantec

Appstream

= 5.2.1
πŸ“¦
Symantec

Appstream

= 5.2.2
πŸ“¦
Symantec

Appstream

= 5.2.3

References & Advisories

πŸ”— http://secunia.com/advisories/40233
πŸ”— http://www.kb.cert.org/vuls/id/221257
πŸ”— http://www.securityfocus.com/bid/40611
πŸ”— http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100616_00
πŸ”— http://www.vupen.com/english/advisories/2010/1511
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/59504
πŸ”— http://secunia.com/advisories/40233
πŸ”— http://www.kb.cert.org/vuls/id/221257

Related Vulnerabilities

CVE-2014-16497.9

The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sen...

CVE-2015-14846.9

Unquoted Windows search path vulnerability in the agent in Symantec Workspace Streaming (SWS) 6.1 before SP8 MP2 HF7 and 7.5 befor...

CVE-2016-22055.7

Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streamin...

CVE-2016-22065.7

The management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Worksp...