Vulnerability Team: NUEVA VULNERABILIDAD, Citrix XenApp Onine Plug-in ActiveX Control Remote Code Execution Vulnerability

NUEVA VULNERABILIDAD, Citrix XenApp Onine Plug-in ActiveX Control Remote Code Execution Vulnerability

Posted: 5/8/10 by komz in Etiquetas: ActiveX Control Remote Code Execution Vulnerability, citrix, Vulnerabilidades

Citrix XenApp Online Plug-in is prone to a remote code-execution vulnerability that affects the ICA Client ActiveX Object (ICO) component.

An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage.

Successful exploits will allow the attacker to execute arbitrary code within the context of the application, typically Internet Explorer, that uses the ActiveX control.

Citrix XenApp Online Plug-in versions prior to 12.0.3 are vulnerable.
REFERENCIA DE LA VULNERABILIDAD

Desde Vulnerability Team exortamos a los usuarios y administradores revisar las notificaciones y aplicar las actualizaciones necesarias, para ayudar a mitigar los riesgos.

fuente: securityfocus.com

Vulnerability Team

NIVEL DE VULNERABILIDADES

follow me on Twitter

SOCIAL NETWORK

FOLLOW US ON FACEBOOK

YOUR IP

TRADUCTOR

Herramientas ONLINE

BUSCADOR DE GOOGLE

CATEGORIAS

LINKS

LABELS

NUEVA VULNERABILIDAD, Citrix XenApp Onine Plug-in ActiveX Control Remote Code Execution Vulnerability

0 comentarios: