Lucene search

[email protected]CVE-2006-3779

HistoryJul 24, 2006 - 12:19 p.m.

CVE-2006-3779

2006-07-2412:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

citrix

metaframe

1.0

acl

vulnerability

security

nvd

7.3 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.7%

JSON

Citrix MetaFrame up to XP 1.0 Feature 1, except when running on Windows Server 2003, installs a registry key with an insecure ACL, which allows remote authenticated users to gain privileges.

CPENameOperatorVersion
citrix:metaframecitrix metaframeeq1.8
citrix:presentation_servercitrix presentation servereq4.0
citrix:metaframe_presentation_servercitrix metaframe presentation servereq3.0

CPE	Name	Operator	Version
citrix:metaframe	citrix metaframe	eq	1.8
citrix:presentation_server	citrix presentation server	eq	4.0
citrix:metaframe_presentation_server	citrix metaframe presentation server	eq	3.0

References

secunia.com/advisories/21076

securitytracker.com/id?1016526

support.citrix.com/article/CTX110492

www.securityfocus.com/bid/19056

www.vupen.com/english/advisories/2006/2862

7.3 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.7%

JSON

Related for CVE-2006-3779

cvelist1