Citrix XenApp and XenDesktop XML Service Interface Remote Code Execution Vulnerability

Citrix XenApp and XenDesktop are prone to a remote code-execution vulnerability.

An attacker can exploit this vulnerability to execute arbitrary code in the context of a service account on the vulnerable server.

The following products are affected:

XenApp version 6 and prior versions
XenApp Fundamentals version 6 and prior versions
XenDesktop 4
XenDesktop 4 with Feature Packs 1
XenDesktop 4 with Feature Packs 2


 

Privacy Statement
Copyright 2010, SecurityFocus