=====================================================================
                                   CERT-Renater

                        Information Note No. 2007/VULN074
_____________________________________________________________________

DATE                      : 01/03/2007

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Microsoft Windows systems running Citrix
Presentation Server Client.

======================================================================


CTX112589 - Vulnerability in Citrix Presentation Server Client for
Windows could result in arbitrary code execution

This document was published at: http://support.citrix.com/article/CTX112589

Document ID: CTX112589, Created on: Feb 28, 2007, Updated: Mar 1, 2007

Products: ICA Win32 Program Neighborhood Agent, ICA Win32 Program
Neighborhood Client, ICA Win32 Web Client

Severity: High

Description of Problem
----------------------
The Citrix Presentation Server Client for Windows includes support for
making ICA connections through proxy servers. An implementation flaw in
this functionality may allow an attacker to execute arbitrary code in
the context of the client process.

This vulnerability could potentially be exploited by any malicious Web
site visited by the user. This vulnerability is likely to be exploitable
in most client deployments.

This vulnerability is present in all versions of the Citrix Presentation
Server Client for Windows earlier than 10.0.

What Customers Should Do
------------------------
This vulnerability has been addressed in the Citrix Presentation Server
Client for Windows version 10.0 and later. Citrix strongly recommends
that customers upgrade their Citrix Presentation Server Client for
Windows to version 10.0 or later. These upgrades can be obtained from
the following location:

http://www.citrix.com/English/SS/downloads/downloads.asp?dID=2755

Acknowledgements
----------------
Citrix thanks Karl Lynn of Juniper Networks for reporting this issue and
working with us to protect customers.

What Citrix Is Doing
--------------------
Citrix is proactively notifying customers and channel partners about
this potential security issue. This article is also available from the
Citrix Knowledge Base at http://support.citrix.com/.

Obtaining Support on this Issue
-------------------------------
If you require technical assistance with this issue, please contact
Citrix Technical Support. Information for contacting Citrix Technical
Support is available at http://support.citrix.com/.

Reporting Security Vulnerabilities to Citrix
--------------------------------------------
Citrix welcomes input regarding the security of its products and
considers any and all potential vulnerabilities very seriously. If you
would like to report a security issue to Citrix, please compose an
e-mail to secure@citrix.com containing the exact version of the product
in which the vulnerability was found and the steps needed to reproduce
the vulnerability.


======================================================================

          =========================================================
          CERT-Renater reference servers
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================

