7.4 High
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.011 Low
EPSS
Percentile
84.5%
The Citrix EPA ActiveX control (aka the “endpoint checking control” or CCAOControl Object) before 4.5.0.0 in npCtxCAO.dll in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 allows remote attackers to download and execute arbitrary programs onto a client system.
CPE | Name | Operator | Version |
---|---|---|---|
citrix:access_gateway | citrix access gateway | le | 4.5.5 |
citrix:access_gateway | citrix access gateway | le | 4.5 |
osvdb.org/37845
secunia.com/advisories/26143
securityreason.com/securityalert/2916
support.citrix.com/article/CTX113815
support.citrix.com/article/CTX114028
www.securityfocus.com/archive/1/474204/100/0/threaded
www.securityfocus.com/bid/24865
www.securityfocus.com/bid/24975
www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-006.txt
www.vupen.com/english/advisories/2007/2583
exchange.xforce.ibmcloud.com/vulnerabilities/35511