A vulnerability was reported in Symantec Workspace Streaming. A remote user can view and upload files to the target system.
A remote user can supply a specially crafted HTTPS XMLRPC request to access files and functions on the target system. This can be exploited to upload arbitrary code to the target system to create an unauthorized access point on the system and gain application-level access on the system.
Andrea Micalizzi, aka rgod, reported this vulnerability (via HP's Zero Day Initiative).
A remote user can view and upload files to the target system. This can be exploited to execute arbitrary code on the target system.
The vendor has issued a fix (126.96.36.1999 (7.5 SP1)).