Lucene search
K

113 matches found

securityvulns
securityvulns
added 2006/11/09 12:0 a.m.44 views

[Full-disclosure] ZDI-06-038: Citrix MetaFrame IMA Management Module Remote Heap Overflow

ZDI-06-038: Citrix MetaFrame IMA Management Module Remote Heap Overflow http://www.zerodayinitiative.com/advisories/ZDI-06-038.html November 9, 2006 -- CVE ID: CVE-2006-5821 -- Affected Vendor: Citrix -- Affected Products: Citrix MetaFrame XP 1.0 Citrix MetaFrame XP 2.0 Citrix MetaFrame...

7.5CVSS0.2AI score0.0519EPSS
Exploits0
securityvulns
securityvulns
added 2006/08/28 12:0 a.m.36 views

[NT] Citrix Presentation/MetaFrame Server Privilege Escalation

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

1.1AI score
Exploits0
securityvulns
securityvulns
added 2006/08/28 12:0 a.m.53 views

Citrix Metaframe privilege escalation

Weak permissions for registry key allow user defined DLL to be attacjed to system level process...

3.3AI score
Exploits0References1Affected Software3
NVD
NVD
added 2006/07/24 12:19 p.m.13 views

CVE-2006-3779

Citrix MetaFrame up to XP 1.0 Feature 1, except when running on Windows Server 2003, installs a registry key with an insecure ACL, which allows remote authenticated users to gain privileges...

6.5CVSS6.5AI score0.01293EPSS
Exploits0References5
CVE
CVE
added 2006/07/21 6:0 p.m.48 views

CVE-2006-3779

CVE-2006-3779 affects Citrix MetaFrame up to XP 1.0 Feature 1 on Windows Server 2003. The issue is a registry key created with an insecure ACL, which allows remote authenticated users to gain privileges. The root cause is improper ACL protection on a registry entry, enabling elevation of privileg...

6.5CVSS6.8AI score0.01293EPSS
Exploits0References5Affected Software3
Cvelist
Cvelist
added 2006/07/21 6:0 p.m.19 views

CVE-2006-3779

Citrix MetaFrame up to XP 1.0 Feature 1, except when running on Windows Server 2003, installs a registry key with an insecure ACL, which allows remote authenticated users to gain privileges...

6.5AI score0.01293EPSS
Exploits0References5
NVD
NVD
added 2005/12/03 7:3 p.m.22 views

CVE-2005-3971

Cross-site scripting XSS vulnerability in the login form in Citrix MetaFrame Secure Access Manager 2.0 through 2.2 and NFuse Elite 1.0 allows remote attackers to inject arbitrary web script or HTML via the username field...

4.3CVSS5.7AI score0.01405EPSS
Exploits0References7
CVE
CVE
added 2005/12/03 7:0 p.m.54 views

CVE-2005-3971

CVE-2005-3971 affects Citrix MetaFrame Secure Access Manager 2.0–2.2 and NFuse Elite 1.0. It is a cross-site scripting (XSS) vulnerability in the login form that allows remote attackers to inject arbitrary web script or HTML via the username field. The connected sources document this vulnerabilit...

4.3CVSS5.9AI score0.01405EPSS
Exploits0References7Affected Software2
Cvelist
Cvelist
added 2005/12/03 7:0 p.m.24 views

CVE-2005-3971

Cross-site scripting XSS vulnerability in the login form in Citrix MetaFrame Secure Access Manager 2.0 through 2.2 and NFuse Elite 1.0 allows remote attackers to inject arbitrary web script or HTML via the username field...

5.7AI score0.01405EPSS
Exploits0References7
NVD
NVD
added 2005/10/04 10:2 p.m.24 views

CVE-2005-3134

Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the client device name ClientName...

7.5CVSS6.7AI score0.02067EPSS
Exploits1References7
CVE
CVE
added 2005/10/04 4:0 a.m.55 views

CVE-2005-3134

CVE-2005-3134 affects Citrix Metaframe Presentation Server 3.0 and 4.0. The issue allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the ClientName, enabling partial impacts to confidentiality, integrity, and availability as per the CVSSv2 vector...

7.5CVSS7.1AI score0.02067EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2005/10/04 4:0 a.m.28 views

CVE-2005-3134

Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the client device name ClientName...

6.7AI score0.02067EPSS
Exploits1References7
securityvulns
securityvulns
added 2005/10/01 12:0 a.m.23 views

Citrix Metaframe Presentation Server protection bypass

Restrictions policy is based upon paramters controlled by client...

3.7AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2005/10/01 12:0 a.m.22 views

Citrix Metaframe Presentation Server bypassing policies

DESCRIPTION: ============ Vulnerability in Presentation Server allow to user bypass citrix policy which is applied to client name. SOFTWARE: Citrix Metaframe Presentation Server 3.0 / 4.0 ========= INFO: ===== Citrix Presentation Server policy is used for admins to restrict the user environment a...

0.2AI score
Exploits0
CVE
CVE
added 2005/05/10 4:0 a.m.54 views

CVE-2004-1902

CVE-2004-1902 affects Citrix MetaFrame Password Manager 2.0. When a central credential store is not configured, passwords entered immediately after the First Time User Wizards are not encrypted, allowing local users to access sensitive information. Impact: partial confidentiality loss for credent...

2.1CVSS6.8AI score0.00356EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.21 views

CVE-2004-1902

The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does not encrypt passwords entered immediately after executing the First Time User Wizards, which allows local users to gain sensitive information...

6.4AI score0.00356EPSS
Exploits0References7
CVE
CVE
added 2005/05/10 4:0 a.m.96 views

CVE-2003-1157

CVE-2003-1157 describes a cross-site scripting (XSS) vulnerability in the Citrix MetaFrame XP Server 1.0 Web Interface component, affecting the login.asp handling of the NFuse_Message parameter. Attackers can inject arbitrary web script or HTML via this parameter, potentially impacting users' bro...

4.3CVSS5.7AI score0.03885EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.23 views

CVE-2003-1157

Cross-site scripting XSS vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuseMessage parameter...

5.7AI score0.03885EPSS
Exploits1References7
NVD
NVD
added 2005/05/02 4:0 a.m.9 views

CVE-2005-0821

Unknown vulnerability in Citrix MetaFrame Conferencing Manager 3.0 allows conference members to bypass organizer restrictions to control the keyboard and mouse...

7.5CVSS6.5AI score0.01322EPSS
Exploits0References4
NVD
NVD
added 2005/05/02 4:0 a.m.14 views

CVE-2005-0822

Citrix Metaframe Password Manager 2.5 and earlier stores a password in cleartext although it is obfuscated when presented to a user, which allows users to view their secondary passwords even if it is not allowed by policy...

2.1CVSS6.5AI score0.00368EPSS
Exploits0References5
Rows per page
Query Builder