10 matches found
CVE-2003-1157
CVE-2003-1157 describes a cross-site scripting (XSS) vulnerability in the Citrix MetaFrame XP Server 1.0 Web Interface component, affecting the login.asp handling of the NFuse_Message parameter. Attackers can inject arbitrary web script or HTML via this parameter, potentially impacting users' bro...
CVE-2001-0716
CVE-2001-0716 affects Citrix MetaFrame 1.8 Server with Service Pack 3 and Citrix MetaFrame XP/XP SP1. The vulnerability stems from improper handling of multiple sessions during authentication, allowing a remote attacker to cause a crash/DoS by initiating a large number of incomplete sessions. The...
CVE-2007-0444
CVE-2007-0444 affects Citrix Presentation Server 4.0, Citrix MetaFrame Presentation Server 3.0, and Citrix MetaFrame XP 1.0. It is a stack-based/buffer overflow in the print provider library (cpprov.dll) that occurs when long arguments are passed to EnumPrintersW or OpenPrinter, allowing executio...
CVE-2000-0244
The CVE-2000-0244 entry concerns the Citrix ICA (Independent Computing Architecture) protocol, which uses weak encryption (XOR) for user authentication. According to the provided data, the vulnerability has a CVSS v2 base score of 10.0 (HIGH) with network attack vector, no authentication required...
CVE-2001-0908
Technical details about CVE-2001-0908 are not publicly available in the provided connected documents. The initial description summarizes the issue (Citrix Metaframe 1.8 logs client IP, enabling spoofing) but no specifics on affected versions, exploit, or fixes are provided. Monitor for updates.
CVE-2005-3134
CVE-2005-3134 affects Citrix Metaframe Presentation Server 3.0 and 4.0. The issue allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the ClientName, enabling partial impacts to confidentiality, integrity, and availability as per the CVSSv2 vector...
CVE-2007-2850
The CVE-2007-2850 vulnerability affects Citrix Session Reliability Service (XTE) in MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0/1.5. The issue allows remote attackers to bypass network security policies and connect to arbitrary TCP ports by sending a modi...
CVE-2006-5821
CVE-2006-5821 affects Citrix MetaFrame XP 1.0/2.0 and Presentation Server 3.0/4.0. The flaw is a heap-based overflow in ImaSystem.dll’s IMA_SECURE_DecryptData1 during decryption of authentication data via the IMA service (ImaSrv.exe). An attacker can supply invalid size values through the IMA por...
CVE-2006-5861
CVE-2006-5861 affects Citrix MetaFrame XP (1.0/2.0) and Presentation Server (3.0/4.0). The Independent Management Architecture (IMA) service (ImaSrv.exe) is vulnerable to a memory access violation triggered by a crafted packet, causing an unhandled exception and remote denial of service via servi...
CVE-2006-3779
CVE-2006-3779 affects Citrix MetaFrame up to XP 1.0 Feature 1 on Windows Server 2003. The issue is a registry key created with an insecure ACL, which allows remote authenticated users to gain privileges. The root cause is improper ACL protection on a registry entry, enabling elevation of privileg...