Vulnerability Team: NUEVA VULNERABILIDAD, Citrix Online Plug-In and ICA Client Heap Overflow Remote Code Execution Vulnerability

NUEVA VULNERABILIDAD, Citrix Online Plug-In and ICA Client Heap Overflow Remote Code Execution Vulnerability

Posted: 5/8/10 by komz in Etiquetas: citrix, Remote Code Execution Vulnerability, Vulnerabilidades

Citrix Online Plug-In and ICA Client are prone to a remote code-execution vulnerability because the applications fail to properly bounds-check user-supplied data.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

The following products are vulnerable:

Citrix Online Plug-in for XenApp & XenDesktop for Windows prior to version 11.2
Citrix Online Plug-in for XenApp & XenDesktop for Mac prior to version 11.0
Citrix ICA Client for Linux (x86 and ARM) prior to version 11.100
Citrix ICA Client for Solaris (x86 and Sparc) prior to version 8.63
Citrix Receiver for Windows Mobile prior to version 11.5

REFERENCIA DE LA VULNERABILIDAD

Desde Vulnerability Team exortamos a los usuarios y administradores revisar las notificaciones y aplicar las actualizaciones necesarias, para ayudar a mitigar los riesgos.

fuente: securityfocus.com

Vulnerability Team

NIVEL DE VULNERABILIDADES

follow me on Twitter

SOCIAL NETWORK

FOLLOW US ON FACEBOOK

YOUR IP

TRADUCTOR

Herramientas ONLINE

BUSCADOR DE GOOGLE

CATEGORIAS

LINKS

LABELS

NUEVA VULNERABILIDAD, Citrix Online Plug-In and ICA Client Heap Overflow Remote Code Execution Vulnerability

0 comentarios: