CVE-2009-2453
Citrix XenApp 4.5 Hotfix Rollup Pack 3 - Access Policy Bypass via Access Gateway Advanced Edition Filters
Title source: llmDescription
Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 does not apply an access policy when it is defined with the Access Gateway Advanced Edition filters, which allows attackers to bypass intended access restrictions via unknown vectors.
References (6)
Core 6
Core References
Patch, Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/1154
Patch, Vendor Advisory x_refsource_confirm
http://support.citrix.com/article/CTX118792
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/34865
Patch vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1022114
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/53900
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/34691
Scores
EPSS
0.0073
EPSS Percentile
72.8%
Details
CWE
CWE-264
Status
published
Products (2)
citrix/presentation_server
4.5 (4 CPE variants)
citrix/xenapp
4.5 fp3
Published
Jul 14, 2009
Tracked Since
Feb 18, 2026