Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: XenApp and XenDesktop could result in Arbitrary Code Execution - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
XenApp and XenDesktop could result in Arbitrary Code Execution

Citrix has identified a vulnerability in the XenApp and XenDesktop which could potentially be exploited by sending a well crafted packet to the XML vulnerable component. The code will run with the privileges of the service.

Citrix has posted a list of versions vulnerable to this issue with the hotfixes available here.

[1] http://support.citrix.com/article/CTX129430
 

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

 

Guy

411 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!