XenApp and XenDesktop could result in Arbitrary Code Execution

Published: 2011-07-28
Last Updated: 2011-07-28 00:20:56 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

Citrix has identified a vulnerability in the XenApp and XenDesktop which could potentially be exploited by sending a well crafted packet to the XML vulnerable component. The code will run with the privileges of the service.

Citrix has posted a list of versions vulnerable to this issue with the hotfixes available here.

[1] http://support.citrix.com/article/CTX129430
 

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

 

0 comment(s)
Diary Archives