Access Control Bypass in Citrix XenApp by Citrix
CVE-2009-2453

Currently unrated

Key Information:

Vendor: Citrix
Status: Presentation Server; Xenapp
Vendor: CVE Published:; 14 July 2009

What is CVE-2009-2453?

Citrix XenApp (previously known as Presentation Server) 4.5 Hotfix Rollup Pack 3 contains a vulnerability that allows attackers to circumvent intended access restrictions. This issue arises when access policies fail to apply correctly in conjunction with Access Gateway Advanced Edition filters, potentially exposing sensitive resources to unauthorized users through undisclosed attack vectors.

References

http://support.citrix.com/article/CTX118792

x_refsource_CONFIRM

http://secunia.com/advisories/34865

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2009/1154

vdb-entryx_refsource_VUPEN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 14, 2009