Remote Code Execution Flaw in Citrix XenApp Solutions
CVE-2012-5161

Currently unrated

Key Information:

Vendor: Citrix
Status: Xenapp
Vendor: CVE Published:; 26 December 2012

Summary

The XML Service interface in Citrix XenApp versions 6.5 and 6.5 Feature Pack 1 is vulnerable to a flaw that allows remote attackers to execute arbitrary code. This vulnerability arises from the interface's inadequate validation of inputs, which can be manipulated to exploit the system. A successful attack could lead to significant security breaches, enabling unauthorized access to sensitive data and system controls. Organizations should take immediate action to mitigate this risk.

References

http://support.citrix.com/article/CTX135066

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/80627

vdb-entryx_refsource_XF

http://osvdb.org/88368

vdb-entryx_refsource_OSVDB

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 26, 2012
Vulnerability Reserved
Sep 25, 2012