Threat Level: green Handler on Duty: Jim Clausing

SANS ISC: XenApp and XenDesktop could result in Arbitrary Code Execution - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
XenApp and XenDesktop could result in Arbitrary Code Execution

Citrix has identified a vulnerability in the XenApp and XenDesktop which could potentially be exploited by sending a well crafted packet to the XML vulnerable component. The code will run with the privileges of the service.

Citrix has posted a list of versions vulnerable to this issue with the hotfixes available here.

[1] http://support.citrix.com/article/CTX129430
 

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

 

Guy

439 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!