What is the severity of CVE-2008-4389?

CVE-2008-4389 has a CVSS score that indicates a high severity vulnerability due to improper authentication allowing unauthorized file execution.

How do I fix CVE-2008-4389?

To mitigate CVE-2008-4389, upgrade Symantec Workspace Streaming to version 6.1 SP4 or later and Symantec AppStream to a patched version.

What are the affected versions in CVE-2008-4389?

CVE-2008-4389 affects Symantec AppStream versions 5.2.1 to 5.2.3 and Symantec Workspace Streaming versions 6.1 SP1 to 6.1 SP3.

Can CVE-2008-4389 allow remote execution of malicious files?

Yes, CVE-2008-4389 allows remote Workspace Streaming servers or attackers to download and execute arbitrary executable files on the client system.

What types of attacks can exploit CVE-2008-4389?

CVE-2008-4389 can be exploited in man-in-the-middle attacks, enabling remote actors to compromise client systems.

Vulnerability/
CVE-2008-4389

critical

9.3

CWE

287

17/6/2010

7/8/2024

CVE-2008-4389

First published: Thu Jun 17 2010(Updated: )

Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which allows remote Workspace Streaming servers and man-in-the-middle attackers to download arbitrary executable files onto a client system, and execute these files, via unspecified vectors.

Credit: cret@cert.org

Affected Software	Affected Version	How to fix
Symantec Workspace Streaming	=6.1-sp1
Symantec Workspace Streaming	=6.1-sp3
Symantec Workspace Streaming	=6.1
Symantec Workspace Streaming	=6.1-sp2
Symantec AppStream	=5.2.2
Symantec AppStream	=5.2.3
Symantec AppStream	=5.2.1
Symantec AppStream	=5.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-4389?
CVE-2008-4389 has a CVSS score that indicates a high severity vulnerability due to improper authentication allowing unauthorized file execution.
How do I fix CVE-2008-4389?
To mitigate CVE-2008-4389, upgrade Symantec Workspace Streaming to version 6.1 SP4 or later and Symantec AppStream to a patched version.
What are the affected versions in CVE-2008-4389?
CVE-2008-4389 affects Symantec AppStream versions 5.2.1 to 5.2.3 and Symantec Workspace Streaming versions 6.1 SP1 to 6.1 SP3.
Can CVE-2008-4389 allow remote execution of malicious files?
Yes, CVE-2008-4389 allows remote Workspace Streaming servers or attackers to download and execute arbitrary executable files on the client system.
What types of attacks can exploit CVE-2008-4389?
CVE-2008-4389 can be exploited in man-in-the-middle attacks, enabling remote actors to compromise client systems.

collector/nvd-historical
collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/last-modified-date
agent/author
agent/description
agent/first-publish-date
agent/tags
agent/event
agent/source
vendor/symantec
canonical/symantec workspace streaming
version/symantec workspace streaming/6.1-sp1
version/symantec workspace streaming/6.1-sp3
version/symantec workspace streaming/6.1
version/symantec workspace streaming/6.1-sp2
canonical/symantec appstream
version/symantec appstream/5.2.2
version/symantec appstream/5.2.3
version/symantec appstream/5.2.1
version/symantec appstream/5.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.