Symantec AppStream / Workspace Streaming Remote Code Execution (SYM10-008)
High Nessus Plugin ID 47046
SynopsisThe remote host has a code execution vulnerability.
DescriptionThe version of Symantec AppStream or Symantec Workspace Streaming running on the remote host has a remote code execution vulnerability.
The client does not properly authenticate to the server before downloading available files.
A remote attacker could exploit this by setting up a rogue Workspace Streaming server, forcing clients to download arbitrary files without the need for user interaction. This could result in arbitrary code execution.
SolutionUpgrade to Symantec Workspace Streaming 6.1 SP4 (188.8.131.524) or later.