SSL/TLS Server Impersonation Vulnerability in Citrix Online Plug-in and Receiver
CVE-2009-3936

Currently unrated

Key Information:

Vendor

Citrix
Status
Online Plug-in For Mac
Online Plug-in For Windows
Receiver For Iphone
Vendor
CVE Published:
13 November 2009

What is CVE-2009-3936?

An unspecified vulnerability in Citrix Online Plug-in and Receiver allows remote attackers to impersonate the SSL/TLS server. This can be achieved by using a crafted certificate, enabling the attacker to bypass authentication protocols. Affected versions include multiple releases across Windows and Mac platforms, posing a significant risk to users who rely on Citrix for secure connections. It is crucial to update the affected products to prevent potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2009/3206
vdb-entryx_refsource_VUPEN
http://support.citrix.com/article/CTX123248
x_refsource_CONFIRM
http://www.securityfocus.com/bid/37073
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.