Citrix: Security Vulnerabilities
Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions.
CVSS Score
8.8
EPSS Score
0.001
Published
2017-01-23
The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks.
CVSS Score
6.0
EPSS Score
0.001
Published
2017-01-23
The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-01-23
Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code by overwriting a function pointer.
CVSS Score
9.8
EPSS Score
0.038
Published
2017-01-18
Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive information from kernel memory via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.012
Published
2017-01-18
Buffer overflow in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.062
Published
2017-01-18
Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive kernel address information via unspecified vectors.
CVSS Score
5.3
EPSS Score
0.003
Published
2017-01-18
Use-after-free vulnerability in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.035
Published
2017-01-18
Incorrect access control mechanisms in Citrix Receiver Desktop Lock 4.5 allow an attacker to bypass the authentication requirement by leveraging physical access to a VDI for temporary disconnection of a LAN cable. NOTE: as of 20161208, the vendor could not reproduce the issue, stating "the researcher was unable to provide us with information that would allow us to confirm the behaviour and, despite extensive investigation on test deployments of supported products, we were unable to reproduce the behaviour as he described. The researcher has also, despite additional requests for information, ceased to respond to us."
CVSS Score
6.8
EPSS Score
0.035
Published
2016-11-07
Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F and 11.1 47.14 allows a remote attacker to steal session cookies of a legitimate AAA user via manipulation of Host header.
CVSS Score
8.8
EPSS Score
0.005
Published
2016-10-28