[THIN] Re: Citrix Client v10

• From: "Andrew Wood" <andrew.wood@xxxxxxxxxxxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Thu, 1 Mar 2007 22:24:13 -0000

"The Citrix Presentation Server Client for Windows includes support for
making ICA connections through proxy servers. An implementation flaw in this
functionality may allow an attacker to execute arbitrary code in the context
of the client process."

 

Surely that's only going to run in the context of the user - so the major
worry there is what?

 

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Malcolm Bruton
Sent: 01 March 2007 16:20
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Citrix Client v10

 

Anyone been brave enough yet for deployment?

 

http://support.citrix.com/article/CTX112589

 

Conveient that citrix have released this article and asked to upgrade to v10
to fix.....

 

Of which I already have our security team asking about upgrading

 

Malcolm

• Follow-Ups:
  • [THIN] Re: Citrix Client v10
    • From: Malcolm Bruton

• References:
  • [THIN] Citrix Client v10
    • From: Malcolm Bruton

Other related posts:

• » [THIN] Citrix Client v10
• » [THIN] Re: Citrix Client v10
• » [THIN] Re: Citrix Client v10
• » [THIN] Re: Citrix Client v10
• » [THIN] Re: Citrix Client v10
• » [THIN] Re: Citrix Client v10
• » [THIN] Re: Citrix Client v10
• » [THIN] Re: Citrix Client v10
• » [THIN] Re: Citrix Client v10
• » [THIN] Re: Citrix Client v10
• » [THIN] Re: Citrix Client v10
• » [THIN] Re: Citrix Client v10
• » [THIN] Re: Citrix Client v10

1. Home
2. thin
3. Archive
4. 03-2007

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---