Lucene search

[email protected]CVE-2008-3485

HistoryAug 06, 2008 - 5:41 p.m.

CVE-2008-3485

2008-08-0617:41:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2008-3485

vulnerability

citrix

metaframe presentation server

icabar.exe

privilege escalation

nvd

6.7 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Untrusted search path vulnerability in Citrix MetaFrame Presentation Server allows local users to gain privileges via a malicious icabar.exe placed in the search path.

CPENameOperatorVersion
citrix:metaframe_presentation_servercitrix metaframe presentation serverle3.0
citrix:xpcitrix xple1.0

CPE	Name	Operator	Version
citrix:metaframe_presentation_server	citrix metaframe presentation server	le	3.0
citrix:xp	citrix xp	le	1.0

References

securityreason.com/securityalert/4110

www.securityfocus.com/archive/1/494952/100/0/threaded

www.securityfocus.com/bid/30446

exchange.xforce.ibmcloud.com/vulnerabilities/44490

6.7 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2008-3485

cvelist2 prion2 cve1