Lucene search

K
cveMitreCVE-2007-3679
HistoryJul 25, 2007 - 5:30 p.m.

CVE-2007-3679

2007-07-2517:30:00
mitre
web.nvd.nist.gov
36
citrix
epa
activex
control
remote code execution
cve-2007-3679

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

7.2

Confidence

Low

EPSS

0.01

Percentile

83.8%

The Citrix EPA ActiveX control (aka the “endpoint checking control” or CCAOControl Object) before 4.5.0.0 in npCtxCAO.dll in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 allows remote attackers to download and execute arbitrary programs onto a client system.

Affected configurations

Nvd
Node
citrixaccess_gatewayRange4.5hf1advanced
OR
citrixaccess_gatewayRange4.5.5standard
VendorProductVersionCPE
citrixaccess_gateway*cpe:2.3:a:citrix:access_gateway:*:hf1:advanced:*:*:*:*:*
citrixaccess_gateway*cpe:2.3:a:citrix:access_gateway:*:*:standard:*:*:*:*:*

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

7.2

Confidence

Low

EPSS

0.01

Percentile

83.8%

Related for CVE-2007-3679