The Citrix print provider is used by Citrix Presentation Server to allow users to print to their local printer from published applications. A buffer overflow vulnerability has been reported in this component, this can be exploited by either:
• A local API call
• An unauthenticated RPC request
This overflow could be used to execute arbitrary code in the context of the Local System account.
This vulnerability is present in all versions of Citrix MetaFrame XP and Presentation Server up to and including 4.0
*sigh* another one. It’s another buffer overflow vulnerability and seems pretty critical. Well, Citrix users, time to patch. The fix is already released here.