CVE-2008-4676

Name of the Vulnerable Software and Affected Versions Citrix XenApp versions 4.5 Feature Pack 1 and earlier Citrix Presentation Server version 4.0 Citrix Access Essentials versions 1.0, 1.5, and 2.0

Description The issue allows local users to gain privileges via unknown attack vectors related to creating an unspecified file.

Recommendations For Citrix XenApp versions 4.5 Feature Pack 1 and earlier, consider restricting access to file creation functionality until a patch is available. For Citrix Presentation Server version 4.0, restrict access to file creation functionality to minimize the risk of exploitation. For Citrix Access Essentials versions 1.0, 1.5, and 2.0, avoid using file creation features in sensitive environments until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.