Lucene search

[email protected]CVE-2007-3679

HistoryJul 25, 2007 - 5:30 p.m.

CVE-2007-3679

2007-07-2517:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

citrix

epa

activex

control

remote code execution

cve-2007-3679

7.4 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.011 Low

EPSS

Percentile

84.5%

JSON

The Citrix EPA ActiveX control (aka the “endpoint checking control” or CCAOControl Object) before 4.5.0.0 in npCtxCAO.dll in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 allows remote attackers to download and execute arbitrary programs onto a client system.

CPENameOperatorVersion
citrix:access_gatewaycitrix access gatewayle4.5.5
citrix:access_gatewaycitrix access gatewayle4.5

CPE	Name	Operator	Version
citrix:access_gateway	citrix access gateway	le	4.5.5
citrix:access_gateway	citrix access gateway	le	4.5

References

osvdb.org/37845

secunia.com/advisories/26143

securityreason.com/securityalert/2916

support.citrix.com/article/CTX113815

support.citrix.com/article/CTX114028

www.securityfocus.com/archive/1/474204/100/0/threaded

www.securityfocus.com/bid/24865

www.securityfocus.com/bid/24975

www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-006.txt

www.vupen.com/english/advisories/2007/2583

exchange.xforce.ibmcloud.com/vulnerabilities/35511

7.4 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.011 Low

EPSS

Percentile

84.5%

JSON

Related for CVE-2007-3679

prion2 securityvulns2 cve1