In association with heise online

01 March 2007, 14:20

Security hole in the Citrix Presentation Server Client has been closed

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

A new version of the Citrix Presentation Server Client closes a security hole which could be exploited by attackers to execute arbitrary code on clients. The security advisory published by Citrix does not, however, provide detailed information on this vulnerability.

The bug concerns the support for making ICA connections through proxy servers. Visiting a manipulated web page is enough to execute malicious program code on the client. The Client is a component of the Citrix products Program Neighborhood, Program Neighborhood Agent and Web Client.

This vulnerability is present in all versions of the Presentation Server Client for Windows earlier than 10.0. Version 10.0 closes this security hole, and affected users are strongly recommended to upgrade to this version.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit