Citrix Receiver / Online Plug-in Remote Code Execution (CTX134681)
High Nessus Plugin ID 62310
SynopsisThe remote Windows host has a remote access application installed that is affected by a code execution vulnerability.
DescriptionCitrix Receiver prior to 3.3 or Citrix Online Plug-in prior to 12.3 is installed on the remote Windows host. As such, the install is potentially affected by an unspecified code execution vulnerability. By exploiting this flaw, a remote, unauthenticated attacker could execute arbitrary code on the client device in the context of the currently logged in user.
SolutionUpgrade to Citrix Receiver 3.3 or later, or Citrix Online Plug-in 12.3 or later.