Remote Code Execution Flaw in Citrix XenApp Solutions
CVE-2012-5161

Currently unrated

Key Information:

Vendor
Citrix
Status
Vendor
CVE Published:
26 December 2012

Summary

The XML Service interface in Citrix XenApp versions 6.5 and 6.5 Feature Pack 1 is vulnerable to a flaw that allows remote attackers to execute arbitrary code. This vulnerability arises from the interface's inadequate validation of inputs, which can be manipulated to exploit the system. A successful attack could lead to significant security breaches, enabling unauthorized access to sensitive data and system controls. Organizations should take immediate action to mitigate this risk.

References

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.