Citrix ICA Client Multiple Remote Code Execution Vulnerabilities

This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.


Synopsis :

The remote host contains an application that is affected by multiple
remote code execution vulnerabilities.

Description :

The version of Citrix ICA Client installed on the remote host is older
than 12.0.3. Such versions are reportedly affected by the following
remote code execution vulnerabilities:

A vulnerability can be exploited by tricking a user into connecting to
a malicious server, via a malicious '.ICA' file or by other means,
making it possible for an attacker to execute arbitrary code on the
remote client.

Another vulnerability has been identified in the ICA Client ActiveX
Object (ICO) component which can allow an attacker to execute
arbitrary code on the remote client.

See also :

http://support.citrix.com/article/CTX125975
http://support.citrix.com/article/CTX125976
http://seclists.org/fulldisclosure/2010/Aug/39

Solution :

Upgrade to ICA Client 12.0.3 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 48275 (citrix_ica_client_1203.nasl)

Bugtraq ID: 42149
42150

CVE ID: CVE-2010-2990
CVE-2010-2991

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now