Kaspersky LabKLA10110KLA10110 ACE vulnerability in Citrix
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.7 High
AI Score
Confidence
Low
0.027 Low
EPSS
Percentile
90.6%
An unspecified vulnerability was found in Citrix products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely at a point related to the ICA graphics packet via a specially designed HTML or ICA document.
Original advisories
Related products
CVE list
CVE-2010-2990 critical
Solution
Update to latest version
Impacts
- ACE
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Affected Products
- Citrix Xenapp & Xendesktop Online plug-in versions 11.1 and earlier for WindowsCitrix Xenapp & Xendesktop Online plug-in versions 10.0Β and earlier forΒ MacOSCitrix ICA Client versions 11.0 and earlier for LinuxCitrix ICA Client versions 8.62 and earlier for SolarisCitrix Receiver versions 11.0 and earlier for Windows Mobile
Related
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.7 High
AI Score
Confidence
Low
0.027 Low
EPSS
Percentile
90.6%