CVE-2008-3485

Technical details about CVE-2008-3485 are not publicly available in the provided documents. Monitor for updates from CVE/NVD entries or vendor advisories.

DSquare Exploit Pack: D2SEC_IMASRV

Name| d2secimasrv ---|--- CVE| CVE-2008-0356 Exploit Pack| D2ExploitPack Description| Citrix Metaframe Presentation Server 4.0 IMA Service Heap Overflow Notes|...

CVE-2002-2426

Cross-site request forgery CSRF vulnerability in Citrix Presentation Server 4.0 and 4.5, MetaFrame Presentation Server 3.0, and Access Essentials 1.0 through 2.0 allows remote attackers to execute arbitrary published applications, and possibly other programs, as authenticated users via the...

CVE-2002-2426

The CVE-2002-2426 entry describes a CSRF vulnerability in Citrix Presentation Server 4.0/4.5, MetaFrame Presentation Server 3.0, and Access Essentials 1.0–2.0. The issue arises from the InitialProgram key in an ICA connection, allowing remote attackers to run published applications (and possibly ...

Citrix Presentation Server远程未授权代码执行漏洞

Citrix Presentation Server是一款集中部署应用和提供按需接入的解决方案。 Citrix Presentation Server存在一个设计问题，远程攻击者可以利用漏洞以授权用户上下文执行任意未授权代码。 如果授权用户被诱使调用ICA连接到Citrix Presentation Server，它可能被攻击者利用并以授权用户上下文执行未授权代码。 ICA连接可通过起用.ica文件或使用ICA客户端插件来调用，因此攻击者构建恶意的.ICA文件，诱使用户打开，可导致任意代码未授权执行。 测试方法 Citrix Presentation Server 4.0 Citrix...

CVE-2007-2850

The CVE-2007-2850 vulnerability affects Citrix Session Reliability Service (XTE) in MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0/1.5. The issue allows remote attackers to bypass network security policies and connect to arbitrary TCP ports by sending a modi...

Citrix Presentation/MetaFrame Server cpprov.dll畸形参数栈缓冲区溢出漏洞

Citrix Presentation Server允许用户通过网络远程访问应用程序。 Citrix Presentation Server的打印提供程序（ccprov.dll）在处理传送给EnumPrintersW和OpenPrinter函数的参数时存在栈溢出漏洞，远程攻击者可能利用此漏洞在服务器上执行任意指令。 如果攻击者能够通过本地API调用或RPC请求向OpenPrinter传送超过130字节的超长字符串做为其第一个参数的话，就可以触发这个溢出，导致在本地系统环境中执行任意代码。 Citrix MetaFrame XP 1.0 Citrix Presentation Server...

ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability

ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-006.html January 24, 2007 -- CVE ID: CVE-2007-0444 -- Affected Vendor: Citrix -- Affected Products: Citrix Presentation Server 4.0 Citrix MetaFrame...

DSquare Exploit Pack: D2SEC_WFICA

Name| d2secwfica ---|--- CVE| CVE-2006-6334 Exploit Pack| D2ExploitPack Description| Citrix Metaframe Presentation Server Client - ActiveX Heap Overflow Notes|...

CVE-2005-3134

CVE-2005-3134 affects Citrix Metaframe Presentation Server 3.0 and 4.0. The issue allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the ClientName, enabling partial impacts to confidentiality, integrity, and availability as per the CVSSv2 vector...

Citrix Metaframe Presentation Server bypassing policies

DESCRIPTION: ============ Vulnerability in Presentation Server allow to user bypass citrix policy which is applied to client name. SOFTWARE: Citrix Metaframe Presentation Server 3.0 / 4.0 ========= INFO: ===== Citrix Presentation Server policy is used for admins to restrict the user environment a...