Metaframe Presentation Server Security Vulnerabilities and Issues — Metaframe Presentation Server CVE List

CitrixMetaframe Presentation Server

9 matches found

CVE•added 2008/01/18 9:0 p.m.•80 views

CVE-2008-0356

CVE-2008-0356 describes a heap-based buffer overflow in Citrix Presentation Server’s Independent Management Architecture (IMA) service (ImaSrv.exe). By sending crafted packets to the IMA ports 2512/2513, an unauthenticated remote attacker could overflow a heap buffer and execute arbitrary code wi...

10CVSS7.8AI score0.71167EPSS

CVE•added 2007/01/24 10:0 p.m.•59 views

CVE-2007-0444

CVE-2007-0444 affects Citrix Presentation Server 4.0, Citrix MetaFrame Presentation Server 3.0, and Citrix MetaFrame XP 1.0. It is a stack-based/buffer overflow in the print provider library (cpprov.dll) that occurs when long arguments are passed to EnumPrintersW or OpenPrinter, allowing executio...

7.2CVSS7.7AI score0.02452EPSS

CVE•added 2007/07/09 4:0 p.m.•50 views

CVE-2007-3625

The vulnerability CVE-2007-3625 concerns the Program Neighborhood Agent (PNAgent) component of Citrix Presentation Server Client on 32-bit Windows. A crafted content-redirection request with a long pathname can cause the PNAgent to exit, resulting in a denial-of-service condition. Affected are Ci...

5CVSS6.6AI score0.01825EPSS

CVE•added 2008/05/18 2:0 p.m.•49 views

CVE-2008-2300

CVE-2008-2300 affects Citrix Presentation Server 4.5 and earlier, Citrix Access Essentials 2.0 and earlier, and Citrix Desktop Server 1.0. The vulnerability allows remote authenticated users to access unauthorized desktops via unknown attack vectors. The connected documents do not provide concret...

6.5CVSS6.2AI score0.01075EPSS

CVE•added 2006/11/10 11:0 p.m.•47 views

CVE-2006-5821

CVE-2006-5821 affects Citrix MetaFrame XP 1.0/2.0 and Presentation Server 3.0/4.0. The flaw is a heap-based overflow in ImaSystem.dll’s IMA_SECURE_DecryptData1 during decryption of authentication data via the IMA service (ImaSrv.exe). An attacker can supply invalid size values through the IMA por...

7.5CVSS8.2AI score0.09429EPSS

CVE•added 2008/08/06 5:5 p.m.•45 views

CVE-2008-3485

Technical details about CVE-2008-3485 are not publicly available in the provided documents. Monitor for updates from CVE/NVD entries or vendor advisories.

7.2CVSS6.3AI score0.00074EPSS

CVE•added 2006/07/21 6:0 p.m.•44 views

CVE-2006-3779

CVE-2006-3779 affects Citrix MetaFrame up to XP 1.0 Feature 1 on Windows Server 2003. The issue is a registry key created with an insecure ACL, which allows remote authenticated users to gain privileges. The root cause is improper ACL protection on a registry entry, enabling elevation of privileg...

6.5CVSS6.8AI score0.00943EPSS

CVE•added 2006/11/10 11:0 p.m.•44 views

CVE-2006-5861

CVE-2006-5861 affects Citrix MetaFrame XP (1.0/2.0) and Presentation Server (3.0/4.0). The Independent Management Architecture (IMA) service (ImaSrv.exe) is vulnerable to a memory access violation triggered by a crafted packet, causing an unhandled exception and remote denial of service via servi...

5CVSS6.5AI score0.07106EPSS

CVE•added 2007/11/20 12:0 a.m.•41 views

CVE-2002-2426

The CVE-2002-2426 entry describes a CSRF vulnerability in Citrix Presentation Server 4.0/4.5, MetaFrame Presentation Server 3.0, and Access Essentials 1.0–2.0. The issue arises from the InitialProgram key in an ICA connection, allowing remote attackers to run published applications (and possibly ...

4.3CVSS7.9AI score0.00333EPSS