CVE-2009-3936
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Unspecified vulnerability in Citrix Online Plug-in for Windows 11.0.x before 11.0.150 and 11.x before 11.2, Online Plug-in for Mac before 11.0, Receiver for iPhone before 1.0.3, and ICA Java, Mac, UNIX, and Windows Clients for XenApp and XenDesktop allows remote attackers to impersonate the SSL/TLS server and bypass authentication via a crafted certificate, a different vulnerability than CVE-2009-3555.
Vulnerabilidad no especificada en Citrix Online Plug-in para Windows 11.0.x en versiones anteriores a la 11.0.150 y 11.x en versiones anteriores a la 11.2, Online Plug-in para Mac en versiones anteriores a la 11.0, Receiver para iPhone en versiones anteriores a la 1.0.3, y cliente ICA Java, Mac, UNIX, y Windows para XenApp y XenDesktop permite a atacantes remotos hacerse pasar por el servidor SSL/TLS y eludir la autenticación mediante un certificado manipulado, una vulnerabilidad diferente a CVE-2009-3555.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2009-11-13 CVE Reserved
- 2009-11-13 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-310: Cryptographic Issues
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/37073 | Vdb Entry | |
http://www.securitytracker.com/id?1023168 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/54213 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://support.citrix.com/article/CTX123248 | 2017-08-17 | |
http://www.vupen.com/english/advisories/2009/3206 | 2017-08-17 |
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/37319 | 2017-08-17 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Citrix Search vendor "Citrix" | Online Plug-in For Mac Search vendor "Citrix" for product "Online Plug-in For Mac" | <= 10.0 Search vendor "Citrix" for product "Online Plug-in For Mac" and version " <= 10.0" | - |
Affected
| ||||||
Citrix Search vendor "Citrix" | Online Plug-in For Windows Search vendor "Citrix" for product "Online Plug-in For Windows" | <= 11.2 Search vendor "Citrix" for product "Online Plug-in For Windows" and version " <= 11.2" | - |
Affected
| ||||||
Citrix Search vendor "Citrix" | Online Plug-in For Windows Search vendor "Citrix" for product "Online Plug-in For Windows" | 11.0 Search vendor "Citrix" for product "Online Plug-in For Windows" and version "11.0" | - |
Affected
| ||||||
Citrix Search vendor "Citrix" | Online Plug-in For Windows Search vendor "Citrix" for product "Online Plug-in For Windows" | 11.1 Search vendor "Citrix" for product "Online Plug-in For Windows" and version "11.1" | - |
Affected
| ||||||
Citrix Search vendor "Citrix" | Receiver For Iphone Search vendor "Citrix" for product "Receiver For Iphone" | <= 1.0 Search vendor "Citrix" for product "Receiver For Iphone" and version " <= 1.0" | - |
Affected
|