Citrix has identified a vulnerability in the XenApp and XenDesktop which could potentially be exploited by sending a well crafted packet to the XML vulnerable component. The code will run with the privileges of the service.
Citrix has posted a list of versions vulnerable to this issue with the hotfixes available here.
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu
Jul 28th 2011
6 years ago