7.5
CVE-2006-5821
- EPSS 5.19%
- Veröffentlicht 10.11.2006 23:07:00
- Zuletzt bearbeitet 16.06.2026 22:31:56
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Citrix ≫ Metaframe Presentation Server Version4.0 Edition64-bit
Citrix ≫ Metaframe Presentation Server Version4.0 Editionmicrosoft_windows_2000
Citrix ≫ Metaframe Presentation Server Version4.0 Editionmicrosoft_windows_2003
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.19% | 0.914 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/22802
http://securitytracker.com/id?1017205
http://support.citrix.com/article/CTX111186
http://www.securityfocus.com/archive/1/451337/100/100/threaded
http://www.securityfocus.com/bid/20986
http://www.vupen.com/english/advisories/2006/4429
http://www.zerodayinitiative.com/advisories/ZDI-06-038.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/30148