Unrated severityNVD Advisory· Published Jan 20, 2009· Updated Apr 23, 2026
CVE-2008-4388
CVE-2008-4388
Description
The LaunchObj ActiveX control before 5.2.2.865 in launcher.dll in Symantec AppStream Client 5.2.x before 5.2.2 SP3 MP1 does not properly validate downloaded files, which allows remote attackers to execute arbitrary code via the installAppMgr method and unspecified other methods.
Affected products
1- cpe:2.3:a:symantec:appstream_client:5.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- www.symantec.com/avcenter/security/Content/2009.01.15.htmlnvdPatchVendor Advisory
- www.kb.cert.org/vuls/id/194505nvdUS Government Resource
- securitytracker.com/idnvd
- www.securityfocus.com/bid/33247nvd
News mentions
0No linked articles in our index yet.