Citrix Provisioning Services Unspecified Request Parsing Remote Code Execution (CTX133039) (uncredentialed check)
Critical Nessus Plugin ID 59465
SynopsisThe remote Windows host has an application running that is affected by
a remote code execution vulnerability.
DescriptionThe version of Citrix Provisioning Services running on the remote
Windows host is affected by a remote code execution vulnerability in
the SoapServer service due to improper validation of user-supplied
input when parsing date and time strings. An unauthenticated, remote
attacker can exploit this to cause a buffer overflow, resulting in a
denial of service condition or the execution of arbitrary code.
SolutionApply the relevant patch from the vendor's advisory.