7.5

CVE-2006-5821

EPSS 9.43%
Veröffentlicht 10.11.2006 23:07:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Heap-based buffer overflow in the IMA_SECURE_DecryptData1 function in ImaSystem.dll for Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to execute arbitrary code via requests to the Independent Management Architecture (IMA) service (ImaSrv.exe) with invalid size values that trigger the overflow during decryption.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Citrix ≫ Metaframe Version1.0 Editionwindows_2000

Citrix ≫ Metaframe Version3.0 Editionmicrosoft_windows_2000

Citrix ≫ Metaframe Presentation Server Version4.0 Edition64-bit

Citrix ≫ Metaframe Presentation Server Version4.0 Editionmicrosoft_windows_2000

Citrix ≫ Metaframe Presentation Server Version4.0 Editionmicrosoft_windows_2003

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	9.43%	0.925

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/22802

http://securitytracker.com/id?1017205

http://support.citrix.com/article/CTX111186

Patch

http://www.securityfocus.com/archive/1/451337/100/100/threaded

http://www.securityfocus.com/bid/20986

http://www.vupen.com/english/advisories/2006/4429

http://www.zerodayinitiative.com/advisories/ZDI-06-038.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/30148

https://nvd.nist.gov/vuln/detail/CVE-2006-5821

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-5821

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-5821

EUVD