Lucene search

[email protected]CVE-2007-0444

HistoryJan 24, 2007 - 10:28 p.m.

CVE-2007-0444

2007-01-2422:28:00

CWE-119

[email protected]

web.nvd.nist.gov

citrix

presentation server

stack-based buffer overflow

cve-2007-0444

nvd

enumprintersw

openprinter functions

7.9 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.01 Low

EPSS

Percentile

83.6%

JSON

Stack-based buffer overflow in the print provider library (cpprov.dll) in Citrix Presentation Server 4.0, MetaFrame Presentation Server 3.0, and MetaFrame XP 1.0 allows local users and remote attackers to execute arbitrary code via long arguments to the (1) EnumPrintersW and (2) OpenPrinter functions.

CPENameOperatorVersion
citrix:metaframe_presentation_servercitrix metaframe presentation servereq4.0
citrix:metaframe_presentation_servercitrix metaframe presentation servereq3.0
citrix:metaframecitrix metaframeeq1.0

CPE	Name	Operator	Version
citrix:metaframe_presentation_server	citrix metaframe presentation server	eq	4.0
citrix:metaframe_presentation_server	citrix metaframe presentation server	eq	3.0
citrix:metaframe	citrix metaframe	eq	1.0

References

osvdb.org/32958

secunia.com/advisories/23869

securitytracker.com/id?1017553

support.citrix.com/article/CTX111686

www.securityfocus.com/archive/1/458002/100/0/threaded

www.securityfocus.com/bid/22217

www.securityfocus.com/data/vulnerabilities/exploits/testlpc.c

www.vupen.com/english/advisories/2007/0328

www.zerodayinitiative.com/advisories/ZDI-07-006.html

7.9 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.01 Low

EPSS

Percentile

83.6%

JSON

Related for CVE-2007-0444

zdi1 prion2 securityvulns2 canvas1 cve1