PT-2010-4463 · Citrix · Citrix Receiver For Windows Mobile+4
Publicado
2010-08-11
·
Atualizado
2018-10-10
·
CVE-2010-2990
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Citrix Online Plug-in for Windows for XenApp & XenDesktop versions prior to 11.2
Citrix Online Plug-in for Mac for XenApp & XenDesktop versions prior to 11.0
Citrix ICA Client for Linux versions prior to 11.100
Citrix ICA Client for Solaris versions prior to 8.63
Citrix Receiver for Windows Mobile versions prior to 11.5
Description
The issue allows remote attackers to execute arbitrary code via a crafted HTML document, a crafted .ICA file, or a crafted type field in an ICA graphics packet, related to a heap offset overflow issue.
Recommendations
For Citrix Online Plug-in for Windows for XenApp & XenDesktop versions prior to 11.2, update to version 11.2 or later.
For Citrix Online Plug-in for Mac for XenApp & XenDesktop versions prior to 11.0, update to version 11.0 or later.
For Citrix ICA Client for Linux versions prior to 11.100, update to version 11.100 or later.
For Citrix ICA Client for Solaris versions prior to 8.63, update to version 8.63 or later.
For Citrix Receiver for Windows Mobile versions prior to 11.5, update to version 11.5 or later.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Citrix Ica Client For Linux
Citrix Ica Client For Solaris
Citrix Online Plug-In For Mac
Citrix Online Plug-In For Windows
Citrix Receiver For Windows Mobile