Symantec AppStream Client 'LaunchObj' ActiveX Control Arbitrary File Download Vulnerability

info
discussion
exploit
solution
references

Symantec AppStream Client 'LaunchObj' ActiveX Control Arbitrary File Download Vulnerability

An attacker can exploit this issue by enticing an unsuspecting victim to view a malicious webpage.

A working commercial exploit is available through VUPEN Security - Exploit and PoCs Service. This exploit is not otherwise publicly available or known to be circulating in the wild.