Note to readers

This publication does not currently meet the Government of Canada's Web Standards. The information remains valid.

Citrix security updates

Number: AV16-048
Date: 11 March 2016

Purpose

The purpose of the advisory is to bring attention to the recently released security updates for Citrix.

Assessment

Citrix Licensing has released security updates to address CVE-2015-8277 that could allow a remote, unauthenticated attacker to crash the License Server and potentially execute arbitrary code on the server.

Affected Version:

  • Citrix License Server 11.13.12 and earlier for Windows
  • Citrix License Server VPX 11.13.12 and earlier

CVE Reference: CVE-2015-8277

Suggested action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References

http://support.citrix.com/article/CTX207824

Date modified: