N/A

Unspecified vulnerability in Citrix Online Plug-in for Windows 11.0.x before 11.0.150 and 11.x before 11.2, Online Plug-in for Mac before 11.0, Receiver for iPhone before 1.0.3, and ICA Java, Mac, UNIX, and Windows Clients for XenApp and XenDesktop allows remote attackers to impersonate the SSL/TLS server and bypass authentication via a crafted certificate, a different vulnerability than CVE-2009-3555.

N/A

N/A

Critix在线插件和接收证书权限绕过漏洞

Windows 11.0.150版本之前的11.0.x版本和 11.2版本之前的11.x版本的Citrix Online插件，以及 Mac 11.0版本之前的版本的Online插件 , iPhone 1.0.3版本之前的版本的Receiver, 和ICA Java, Mac, UNIX, 以及对XenApp和XenDesktop的Windows客户端中存在未明漏洞。 远程攻击者可以借助一个特制的证书，人格化SSL/TLS服务器并绕过权限。该漏洞不同于CVE-2009-3555。

N/A

N/A