Description of Problem
A vulnerability has been identified in Citrix XenApp that, when triggered, could result in a denial of service.
This vulnerability is present in all versions of Citrix XenApp, formerly known as Presentation Server, up to and including version 6.5.
In order to trigger this vulnerability, an attacker would need to be able to directly access the XenApp server. When deployed according to established best practice, the XenApp server would not be directly exposed and an Internet-based attacker would not be able to trigger this vulnerability.
What Customers Should Do
A hotfix has been released to address this issue. Citrix recommends that affected customers install this hotfix, which can be downloaded from the following locations: