6 matches found
CVE-2008-0356
CVE-2008-0356 describes a heap-based buffer overflow in Citrix Presentation Server’s Independent Management Architecture (IMA) service (ImaSrv.exe). By sending crafted packets to the IMA ports 2512/2513, an unauthenticated remote attacker could overflow a heap buffer and execute arbitrary code wi...
CVE-2008-2299
The CVE-2008-2299 entry involves Citrix Presentation Server 4.5 and earlier (also affecting Access Essentials 2.0 and Desktop Server 1.0) where SecureICA and ICA Basic encryption can be configured but allow clients to end up using weaker encryption settings than intended, potentially bypassing ad...
CVE-2007-2850
The CVE-2007-2850 vulnerability affects Citrix Session Reliability Service (XTE) in MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0/1.5. The issue allows remote attackers to bypass network security policies and connect to arbitrary TCP ports by sending a modi...
CVE-2008-2300
CVE-2008-2300 affects Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0. The vulnerability allows remote authenticated users to access unauthorized desktops via unknown attack vectors. The connected documents do not provide concret...
CVE-2008-4676
Summary: CVE-2008-4676 describes an unspecified local privilege-escalation vulnerability in Citrix XenApp (formerly Presentation Server) 4.5 Feature Pack 1 and earlier, Presentation Server 4.0, and Access Essentials 1.0, 1.5, and 2.0. The issue is triggered by unknown attack vectors related to cr...
CVE-2002-2426
The CVE-2002-2426 entry describes a CSRF vulnerability in Citrix Presentation Server 4.0/4.5, MetaFrame Presentation Server 3.0, and Access Essentials 1.0–2.0. The issue arises from the InitialProgram key in an ICA connection, allowing remote attackers to run published applications (and possibly ...