Citrix XenApp XML Service Interface Crafted Packet Parsing Remote Code Execution (CTX135066)

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by a remote
code execution vulnerability.

Description :

The version of Citrix XenApp installed on the remote Windows host is
potentially affected by an unspecified vulnerability in the XML service
interface. An unauthenticated, remote attacker can exploit this to
execute arbitrary code on the remote host.

See also :

http://support.citrix.com/article/CTX135066

Solution :

Apply the relevant vendor-supplied patch.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 63339 ()

Bugtraq ID: 56907

CVE ID: CVE-2012-5161

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now